Vulnerability CVE-2016-2372

Vulnerability Name:

CVE-2016-2372 (CCN-114366)

Assigned:

2016-06-21

Published:

2016-06-21

Updated:

2017-03-30

Summary:

An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, server, or man-in-the-middle attacker can send an invalid size for a file transfer which will trigger an out-of-bounds read vulnerability. This could result in a denial of service or copy data from memory to the file, resulting in an information leak if the file is sent to another user.

CVSS v3 Severity:

5.9 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H)
5.2 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H/E:U/RL:U/RC:R)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): High

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:U/RC:R)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.9 Medium (CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-125
CWE-200

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2016-2372

Source: DEBIAN
Type: Third Party Advisory
DSA-3620

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.pidgin.im/news/security/?id=105

Source: BID
Type: Third Party Advisory, VDB Entry
91335

Source: CCN
Type: Talos Vulnerability Report TALOS-2016-0140
Pidgin MXIT File Transfer Length Memory Disclosure Vulnerability

Source: MISC
Type: Technical Description, Third Party Advisory
http://www.talosintelligence.com/reports/TALOS-2016-0140/

Source: UBUNTU
Type: Third Party Advisory
USN-3031-1

Source: XF
Type: UNKNOWN
pidgin-cve20162372-dos(114366)

Source: GENTOO
Type: UNKNOWN
GLSA-201701-38

Source: CCN
Type: Pidgin Web site
Pidgin, the universal chat client

Vulnerable Configuration:

Configuration 1:

cpe:/a:pidgin:pidgin:*:*:*:*:*:*:*:* (Version <= 2.10.12)

Configuration 2:

cpe:/o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:pidgin:pidgin:2.10.11:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20162372	V	CVE-2016-2372	2021-08-15
oval:org.opensuse.security:def:28353	P	Security update for pidgin (Important)	2020-12-01
oval:org.opensuse.security:def:27481	P	librsvg-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26905	P	glibc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27636	P	Security update for OpenSSL	2020-12-01
oval:org.opensuse.security:def:27189	P	libgtop on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27534	P	perl-Tk-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26916	P	hplip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27680	P	Security update for Xen	2020-12-01
oval:org.opensuse.security:def:27246	P	nagios-nrpe on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27583	P	xorg-x11-libXext-devel-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26980	P	libxcrypt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28318	P	Security update for openssl (Moderate)	2020-12-01
oval:org.opensuse.security:def:27330	P	xorg-x11-libXext-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26904	P	glib2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27622	P	Security update for icu	2020-12-01
oval:org.opensuse.security:def:27108	P	dbus-1-glib on GA media (Moderate)	2020-12-01
oval:com.ubuntu.precise:def:20162372000	V	CVE-2016-2372 on Ubuntu 12.04 LTS (precise) - low.	2017-01-06
oval:com.ubuntu.trusty:def:20162372000	V	CVE-2016-2372 on Ubuntu 14.04 LTS (trusty) - low.	2017-01-06
oval:com.ubuntu.xenial:def:201623720000000	V	CVE-2016-2372 on Ubuntu 16.04 LTS (xenial) - low.	2017-01-06
oval:com.ubuntu.xenial:def:20162372000	V	CVE-2016-2372 on Ubuntu 16.04 LTS (xenial) - low.	2017-01-06
oval:org.cisecurity:def:967	P	DSA-3620-1 -- pidgin -- security update	2016-08-26

BACK