Intrusion Prevention

Libpurple.MSN.Protocol.SLP.Message.Heap.Overflow

Description

This indicates an attack attempt against a heap-based buffer-overflow vulnerability in Pidgin and other clients built on libpurple (for example Adium and the older Gaim releases listed below).
The vulnerability is caused by an integer overflow in the msn_slplink_process_msg function when it handles a malformed MSN SLP message with a specially crafted header: the data offset carried in the header is used to place the chunk in a heap reassembly buffer without a sound bounds check. A remote attacker who can deliver such a message to a logged-in MSN user can corrupt the heap and execute arbitrary code with the privileges of the user running the client.
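The following is an added example, not code from libpurple or Pidgin, that models the class of bug described above: a reassembly buffer whose size comes from the first message, chunks placed at an attacker-chosen offset, and a bounds check written as `offset + len <= size` that wraps in 32-bit arithmetic. The 48-byte MSN P2P binary header layout used by the toy parser (session id, identifier, 64-bit offset, 64-bit total size, chunk length, flags, then ack fields) is an assumption for illustration; the function and type names are likewise invented here. A hardened check that never adds two attacker-controlled values is shown alongside the wrapping one.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Parsed subset of the 48-byte MSN P2P binary header (layout assumed here). */
typedef struct {
    uint32_t session_id, identifier;
    uint64_t offset, total_size;
    uint32_t length, flags;
} slp_header_t;

static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static uint64_t rd64(const uint8_t *p) { return (uint64_t)rd32(p) | (uint64_t)rd32(p + 4) << 32; }
static void wr32(uint8_t *p, uint32_t v) { p[0] = v; p[1] = v >> 8; p[2] = v >> 16; p[3] = v >> 24; }
static void wr64(uint8_t *p, uint64_t v) { wr32(p, (uint32_t)v); wr32(p + 4, (uint32_t)(v >> 32)); }

/* Returns 0 on success, -1 if the packet is too short or claims more payload than it carries. */
int slp_parse_header(const uint8_t *buf, size_t buflen, slp_header_t *h) {
    if (buflen < 48) return -1;
    h->session_id = rd32(buf);
    h->identifier = rd32(buf + 4);
    h->offset     = rd64(buf + 8);
    h->total_size = rd64(buf + 16);
    h->length     = rd32(buf + 24);
    h->flags      = rd32(buf + 28);
    if (h->length > buflen - 48) return -1;
    return 0;
}

/* Reassembly state: `size` comes from the first chunk's total_size field. */
typedef struct {
    uint32_t size;
    uint8_t *buffer;   /* heap allocation of exactly `size` bytes */
} slp_msg_t;

/* Vulnerable pattern: the sum is computed in 32 bits, so an offset near
   UINT32_MAX wraps the result to a small number and the check passes. */
int check_vulnerable(uint32_t size, uint32_t offset, uint32_t len) {
    return (uint32_t)(offset + len) <= size;
}

/* Hardened pattern: compare by subtraction so nothing can wrap. */
int check_hardened(uint32_t size, uint32_t offset, uint32_t len) {
    if (offset > size) return 0;
    return len <= size - offset;
}

/* Copies one chunk into the reassembly buffer using the hardened check.
   Returns 0 on success, -1 if the chunk is rejected. */
int slp_process_chunk(slp_msg_t *msg, const uint8_t *pkt, size_t pktlen) {
    slp_header_t h;
    if (msg->buffer == NULL || slp_parse_header(pkt, pktlen, &h) != 0) return -1;
    if (h.offset > UINT32_MAX || h.total_size != msg->size) return -1;
    if (!check_hardened(msg->size, (uint32_t)h.offset, h.length)) return -1;
    memcpy(msg->buffer + h.offset, pkt + 48, h.length);
    return 0;
}

/* Builds a constructed packet: header followed by `len` bytes of `fill`. */
size_t build_packet(uint8_t *out, uint64_t offset, uint64_t total, uint32_t len, uint8_t fill) {
    memset(out, 0, 48);
    wr32(out, 1); wr32(out + 4, 0x1234);
    wr64(out + 8, offset); wr64(out + 16, total);
    wr32(out + 24, len); wr32(out + 28, 0x20);
    memset(out + 48, fill, len);
    return 48 + len;
}

/* Bit 0: benign chunk accepted and copied; bit 1: wrapping check would have
   accepted the crafted offset; bit 2: hardened path rejected it. Returns 7. */
int demo(void) {
    uint8_t pkt[48 + 64];
    slp_msg_t msg = { 0x100, calloc(0x100, 1) };
    int result = 0;
    size_t n = build_packet(pkt, 0x10, 0x100, 16, 'A');
    if (slp_process_chunk(&msg, pkt, n) == 0 && msg.buffer[0x10] == 'A' && msg.buffer[0x1f] == 'A')
        result |= 1;
    /* Crafted offset: (0xFFFFFFF0 + 0x20) mod 2^32 == 0x10, which is <= 0x100. */
    n = build_packet(pkt, 0xFFFFFFF0ULL, 0x100, 0x20, 'B');
    if (check_vulnerable(0x100, 0xFFFFFFF0u, 0x20)) result |= 2;
    if (slp_process_chunk(&msg, pkt, n) != 0) result |= 4;
    free(msg.buffer);
    return result;
}

int main(void) {
    printf("demo result: %d (expect 7)\n", demo());
    return 0;
}
```

The wrapping check is the part to look for when reviewing any chunked-transfer or reassembly code: a memcpy whose destination is `buffer + offset` must be guarded by a check that bounds `offset` and `len` separately against the allocation, and the allocation size must itself be sanity-limited, since the same header also controls how large the buffer is.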

Affected Products

rPath rPath Linux 1
Rob Flynn Gaim 1.3.1
Rob Flynn Gaim 1.3.0
Rob Flynn Gaim 1.2.1
Rob Flynn Gaim 1.2
Rob Flynn Gaim 1.1.4
Rob Flynn Gaim 1.1.3
Rob Flynn Gaim 1.1.2
Rob Flynn Gaim 1.1.1
Rob Flynn Gaim 1.0.2
Rob Flynn Gaim 1.0.1
Rob Flynn Gaim 1.0
Rob Flynn Gaim 0.82.1
Rob Flynn Gaim 0.82
Rob Flynn Gaim 0.78
Rob Flynn Gaim 0.77
Rob Flynn Gaim 0.75
Rob Flynn Gaim 0.74
Rob Flynn Gaim 0.73
Rob Flynn Gaim 0.72
Rob Flynn Gaim 0.71
Rob Flynn Gaim 0.70
Rob Flynn Gaim 0.69
Rob Flynn Gaim 0.68
Rob Flynn Gaim 0.67
Rob Flynn Gaim 0.66
Rob Flynn Gaim 0.65
Rob Flynn Gaim 0.64
Rob Flynn Gaim 0.63
Rob Flynn Gaim 0.62
Rob Flynn Gaim 0.61
Rob Flynn Gaim 0.60
Rob Flynn Gaim 0.59.8
Rob Flynn Gaim 0.59.1
Rob Flynn Gaim 0.59
Rob Flynn Gaim 0.58
+ Debian Linux 3.0
Rob Flynn Gaim 0.57
Rob Flynn Gaim 0.56
Rob Flynn Gaim 0.55
Rob Flynn Gaim 0.54
Rob Flynn Gaim 0.53
Rob Flynn Gaim 0.52
Rob Flynn Gaim 0.51
Rob Flynn Gaim 0.50
Rob Flynn Gaim 0.10.3
Rob Flynn Gaim 0.10.x
RedHat Enterprise Linux Optional Productivity Application 5 server
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop 5 client
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux AS 3
RedHat Desktop 4.0
RedHat Desktop 3.0
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.2.1
Pidgin Pidgin 2.2
Pidgin Pidgin 2.1
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.0
Pardus Linux 2008 0
Pardus Linux 2007 0
MandrakeSoft Linux Mandrake 2008.1 x86_64
MandrakeSoft Linux Mandrake 2008.1
MandrakeSoft Linux Mandrake 2008.0 x86_64
MandrakeSoft Linux Mandrake 2008.0
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0
Adium Adium 1.2.7
Adium Adium 1.2.6
Adium Adium 1.2.5
Adium Adium 1.3

Impact

System Compromise: Remote attackers can gain control of the vulnerable system.

Recommended Actions

Upgrade to Pidgin 2.4.3 or later, available from the following web sites. Note that CVE-2009-1376, referenced below, exists because the fix shipped in 2.4.3 was incomplete; Pidgin 2.5.6 and later contain the complete fix, so install the current release rather than 2.4.3 itself. Users of other libpurple-based clients such as Adium, and of the distribution packages listed above, should apply the corresponding vendor update.
Pidgin pidgin-2.4.3.exe
http://downloads.sourceforge.net/pidgin/pidgin-2.4.3.exe
Pidgin pidgin-2.4.3.tar.bz2
http://downloads.sourceforge.net/pidgin/pidgin-2.4.3.tar.bz2

CVE References

CVE-2008-2927
CVE-2009-1376 (incomplete fix for CVE-2008-2927)