Vulnerability Name:

CVE-2004-0500 (CCN-16920)

Assigned:2004-08-05
Published:2004-08-05
Updated:2017-10-11
Summary:Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2004-0500

Source: CCN
Type: Conectiva Linux Security Announcement CLSA-2004:884
Fixes for gaim's vulnerabilities

Source: CCN
Type: Gaim Web page
News - gaim

Source: CONFIRM
Type: UNKNOWN
http://gaim.sourceforge.net/security/?id=0

Source: CCN
Type: RHSA-2004-400
gaim security update

Source: CCN
Type: Slackware Security Advisory SSA:2004-240-01
gaim updated again

Source: CCN
Type: Slackware Security Mailing List, Thu, 26 Aug 2004 19:48:11 -0700 (PDT)
[slackware-security] gaim (SSA:2004-239-01)

Source: FEDORA
Type: UNKNOWN
FEDORA-2004-278

Source: FEDORA
Type: UNKNOWN
FEDORA-2004-279

Source: CCN
Type: GLSA-200408-12
Gaim: MSN protocol parsing function buffer overflow

Source: GENTOO
Type: Patch, Vendor Advisory
GLSA-200408-12

Source: CCN
Type: GLSA-200408-27
Gaim: New vulnerabilities

Source: GENTOO
Type: UNKNOWN
GLSA-200408-27

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2004:081

Source: SUSE
Type: UNKNOWN
SUSE-SA:2004:025

Source: REDHAT
Type: UNKNOWN
RHSA-2004:400

Source: BID
Type: Patch, Vendor Advisory
10865

Source: CCN
Type: BID-10865
Gaim Multiple MSN Protocol Buffer Overflow Vulnerabilities

Source: XF
Type: UNKNOWN
gaim-msn-bo(16920)

Source: XF
Type: UNKNOWN
gaim-msn-bo(16920)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9429

Source: SUSE
Type: SUSE-SA:2004:023
libpng: remote system compromise

Source: SUSE
Type: SUSE-SA:2004:024
kernel: local privilege escalation

Source: SUSE
Type: SUSE-SA:2004:025
gaim: remote code execution

Vulnerable Configuration:Configuration 1:
  • cpe:/a:rob_flynn:gaim:0.10:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.10.3:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.50:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.51:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.52:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.53:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.54:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.55:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.56:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.57:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.58:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.59:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.59.1:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.60:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.61:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.62:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.63:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.64:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.65:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.66:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.67:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.68:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.69:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.70:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.71:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.72:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.73:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.74:*:*:*:*:*:*:*
  • OR cpe:/a:rob_flynn:gaim:0.75:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:gentoo:linux:1.4:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:9429
    V
    		Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call.
    2013-04-29
    oval:com.redhat.rhsa:def:20040400
    P
    		RHSA-2004:400: gaim security update (Critical)
    2004-09-07
    BACK
    rob_flynn gaim 0.10
    rob_flynn gaim 0.10.3
    rob_flynn gaim 0.50
    rob_flynn gaim 0.51
    rob_flynn gaim 0.52
    rob_flynn gaim 0.53
    rob_flynn gaim 0.54
    rob_flynn gaim 0.55
    rob_flynn gaim 0.56
    rob_flynn gaim 0.57
    rob_flynn gaim 0.58
    rob_flynn gaim 0.59
    rob_flynn gaim 0.59.1
    rob_flynn gaim 0.60
    rob_flynn gaim 0.61
    rob_flynn gaim 0.62
    rob_flynn gaim 0.63
    rob_flynn gaim 0.64
    rob_flynn gaim 0.65
    rob_flynn gaim 0.66
    rob_flynn gaim 0.67
    rob_flynn gaim 0.68
    rob_flynn gaim 0.69
    rob_flynn gaim 0.70
    rob_flynn gaim 0.71
    rob_flynn gaim 0.72
    rob_flynn gaim 0.73
    rob_flynn gaim 0.74
    rob_flynn gaim 0.75
    gentoo linux 1.4
    mandrakesoft mandrake linux 9.2
    mandrakesoft mandrake linux 9.2
    mandrakesoft mandrake linux 10.0
    mandrakesoft mandrake linux 10.0