CVE-2010-3711 security vulnerability in pidgin < 2.7.4

Bug #666998 reported by elrond
This bug affects 1 person
Affects          Status        Importance  Assigned to  Milestone
pidgin (Ubuntu)  Fix Released  Medium      Unassigned
Hardy            Fix Released  Medium      Unassigned
Karmic           Fix Released  Medium      Unassigned
Lucid            Fix Released  Medium      Unassigned
Maverick         Fix Released  Medium      Unassigned
Natty            Fix Released  Medium      Unassigned

Bug Description

Binary package hint: pidgin

Pidgin 2.7.4 fixes CVE-2010-3711. Description: "It has been discovered that eight denial of service conditions exist in libpurple all due to insufficient validation of the return value from purple_base64_decode(). Invalid or malformed data received in place of a valid base64-encoded value in portions of the Yahoo!, MSN, MySpaceIM, and XMPP protocol plugins and the NTLM authentication support trigger a crash. These vulnerabilities can be leveraged by a remote user for denial of service".

References:
http://pidgin.im/news/security/?id=48
http://developer.pidgin.im/viewmtn/revision/info/b01c6a1f7fe4d86b83f5f10917b3cb713989cfcc
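
The bug class described above, a decoder's return value used without validation, shown as an added example that is not taken from Pidgin or from the Ubuntu patch. `demo_b64_decode`, `read_challenge` and `CHALLENGE_LEN` are hypothetical stand-ins; the caller shows the two checks (NULL return, decoded length) that must precede any use of the buffer.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#define CHALLENGE_LEN 8 /* hypothetical fixed field size, not from libpurple */

static int b64_val(char c) {
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    if (c == '+') return 62;
    if (c == '/') return 63;
    return -1;
}

/* Stand-in decoder (hypothetical): returns a malloc'd buffer and sets
 * *out_len, or returns NULL with *out_len == 0 on malformed input. */
unsigned char *demo_b64_decode(const char *s, size_t *out_len) {
    size_t n = strlen(s), i, o = 0;
    *out_len = 0;
    if (n == 0 || n % 4 != 0) return NULL;
    unsigned char *out = malloc(n / 4 * 3);
    if (out == NULL) return NULL;
    for (i = 0; i < n; i += 4) {
        int v[4], k, pad = 0;
        for (k = 0; k < 4; k++) {
            /* '=' is only legal in the last two slots of the final quad */
            if (s[i + k] == '=' && i + 4 == n && k >= 2) { v[k] = 0; pad++; }
            else if (pad || (v[k] = b64_val(s[i + k])) < 0) { free(out); return NULL; }
        }
        unsigned w = (unsigned)v[0] << 18 | (unsigned)v[1] << 12 | (unsigned)v[2] << 6 | (unsigned)v[3];
        out[o++] = (unsigned char)(w >> 16);
        if (pad < 2) out[o++] = (unsigned char)((w >> 8) & 0xff);
        if (pad < 1) out[o++] = (unsigned char)(w & 0xff);
    }
    *out_len = o;
    return out;
}

/* Hardened caller. The unchecked form would memcpy from the decoder's result
 * directly, dereferencing NULL when a peer sends malformed base64. */
int read_challenge(const char *field, unsigned char dst[CHALLENGE_LEN]) {
    size_t len;
    unsigned char *raw = demo_b64_decode(field, &len);
    if (raw == NULL) return -1;                        /* malformed input */
    if (len < CHALLENGE_LEN) { free(raw); return -2; } /* valid but too short */
    memcpy(dst, raw, CHALLENGE_LEN);
    free(raw);
    return 0;
}
```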

visibility: private → public
Changed in pidgin (Ubuntu Karmic):
status: New → Confirmed
Changed in pidgin (Ubuntu Maverick):
status: New → Confirmed
Changed in pidgin (Ubuntu Natty):
status: New → Confirmed
Changed in pidgin (Ubuntu Karmic):
importance: Undecided → Medium
Changed in pidgin (Ubuntu Hardy):
importance: Undecided → Medium
Changed in pidgin (Ubuntu Lucid):
importance: Undecided → Medium
Changed in pidgin (Ubuntu Natty):
importance: Undecided → Medium
Changed in pidgin (Ubuntu Maverick):
importance: Undecided → Medium
Changed in pidgin (Ubuntu Lucid):
status: New → Confirmed
Changed in pidgin (Ubuntu Hardy):
status: New → Confirmed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package pidgin - 1:2.7.3-1ubuntu3.1

---------------
pidgin (1:2.7.3-1ubuntu3.1) maverick-security; urgency=low

  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/61_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/plugins/perl/common/Util.xs,
      libpurple/protocols/{jabber/auth_digest_md5.c,msn/slp.c,
      myspace/message.c,oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
    - CVE-2010-3711
 -- Marc Deslauriers <email address hidden> Tue, 02 Nov 2010 17:17:40 -0400

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package pidgin - 1:2.6.6-1ubuntu4.1

---------------
pidgin (1:2.6.6-1ubuntu4.1) lucid-security; urgency=low

  * SECURITY UPDATE: denial of service via custom emoticon
    - debian/patches/93_CVE-2010-1624.patch: make sure body is valid in
      libpurple/protocols/msn/slp.c.
    - CVE-2010-1624
  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/94_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/plugins/perl/common/Util.xs,
      libpurple/protocols/{jabber/auth_digest_md5.c,msn/slp.c,
      myspace/message.c,oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
    - CVE-2010-3711
 -- Marc Deslauriers <email address hidden> Wed, 03 Nov 2010 08:51:08 -0400

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package pidgin - 1:2.6.2-1ubuntu7.3

---------------
pidgin (1:2.6.2-1ubuntu7.3) karmic-security; urgency=low

  * SECURITY UPDATE: denial of service via custom emoticon
    - debian/patches/68_CVE-2010-1624.patch: make sure body is valid in
      libpurple/protocols/msn/slp.c.
    - CVE-2010-1624
  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/69_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/plugins/perl/common/Util.xs,
      libpurple/protocols/{jabber/auth.c,msn/slp.c,myspace/message.c,
      oscar/clientlogin.c,qq/im.c,yahoo/libymsg.c}.
    - CVE-2010-3711
 -- Marc Deslauriers <email address hidden> Wed, 03 Nov 2010 09:02:12 -0400

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package pidgin - 1:2.4.1-1ubuntu2.10

---------------
pidgin (1:2.4.1-1ubuntu2.10) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service via custom emoticon
    - debian/patches/94_security_CVE-2010-1624.patch: make sure body is
      valid in libpurple/protocols/{msn,msnp9}/slp.c.
    - CVE-2010-1624
  * SECURITY UPDATE: denial of service via base64 decoding (LP: #666998)
    - debian/patches/94_security_CVE-2010-3711.patch: correctly handle
      purple_base64_decode return codes in libpurple/ntlm.c,
      libpurple/protocols/{jabber/auth.c,msn/slp.c,msnp9/slp.c,
      myspace/message.c,yahoo/yahoo.c}.
    - CVE-2010-3711
 -- Marc Deslauriers <email address hidden> Wed, 03 Nov 2010 09:36:41 -0400

Changed in pidgin (Ubuntu Hardy):
status: Confirmed → Fix Released
Changed in pidgin (Ubuntu Karmic):
status: Confirmed → Fix Released
Changed in pidgin (Ubuntu Lucid):
status: Confirmed → Fix Released
Changed in pidgin (Ubuntu Maverick):
status: Confirmed → Fix Released
elrond (elrond.)
Changed in pidgin (Ubuntu Natty):
status: Confirmed → Fix Released
This report contains Public Security information  
Everyone can see this security related information.
