Multiple remotely-triggerable crashes in libpurple
John Bailey
rekkanoryo at rekkanoryo.org
Thu Oct 14 20:44:46 EDT 2010
On 10/14/2010 07:59 AM, Jan Lieskovsky wrote:
>> Thank you! I plan to draft a smaller summary of the original
>> disclosure I
>> posted here for use on our website. I'll post it here once I have
>> drafted it.
>
> Ok, good.
The draft of the shorter text is as follows:
CVE: CVE-2010-3711
Discovered by: Daniel Atallah
Summary: Multiple remotely-triggered denials of service
Description:
It has been discovered that eight denial of service conditions exist in
libpurple all due to insufficient validation of the return value from
purple_base64_decode(). Invalid or malformed data received in place of a valid
base64-encoded value in portions of the Yahoo!, MSN, MySpaceIM, and XMPP
protocol plugins and the NTLM authentication support trigger a crash. These
vulnerabilities can be leveraged by a remote user for denial of service.
Fixed in revision: <not yet available>
Fixed in version: 2.7.4 <not yet available>
Fix: Check the return value from purple_base64_decode() before trying to use it.
>> I've never dealt with vendor-sec. Any assistance in that regard is
>> quite welcome.
>
> Ok, great. We will post a short notification to vendor-sec then. But
> prior doing
> that would like to request you for the approval to privately share your
> original
> post to this list together with patches, is someone requests them.
>
> We would post hosrt notification and provide further flaws details (your
> original
> notification) on in case, someone (some vendor) requests them.
You have my approval.
John
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://pidgin.im/cgi-bin/mailman/private/packagers/attachments/20101014/748e9d35/attachment.pgp>
More information about the Packagers
mailing list