Jeff is absolutely correct. We've given them Yahoo code, they have given us Yahoo code. Sean Egan and one of their heads, a guy named Scott, are on good terms. No theft either way involved here.

luke

On Tue, Feb 24, 2004 at 08:50:49PM -0500, [EMAIL PROTECTED] wrote:
> It might be wise to go to http://gaim.sf.net and actually read the notes
> for 0.70. It says:
>
> "Our friends over at Cerulean Studios managed to break my speed record at
> cracking Yahoo authentication schemes with an impressive feat of hackery.
> They sent it over and here it is in Gaim 0.70. However, certain details of
> the authentication scheme depend on the challenge string the server sends
> us, and there's really no way to tell what it does until Yahoo starts
> sending new challenge strings. So you can expect a few more breakages to
> come soon. I wouldn't sign offline if I were you. Peep the ChangeLog."
>
> Does that mean it was stolen? Doesn't sound like it. It sounds like
> Trillian gave the code to Gaim.
>
> Jeff
>
> Tobias Weisserth <[EMAIL PROTECTED]>
> Sent by: [EMAIL PROTECTED]
> 02/24/2004 04:23 PM
> Please respond to tobias
>
> To: [EMAIL PROTECTED]
> cc: [EMAIL PROTECTED], [EMAIL PROTECTED],
> [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED],
> [EMAIL PROTECTED], [EMAIL PROTECTED]
> Subject: Re: [Full-Disclosure] Advisory 02/2004: Trillian
> remote overflows -> maybe this is off-topic, but...
>
> Hi everybody,
>
> On Tue, 24.02.2004, at 19:52, Stefan Esser wrote:
> > ...
> > "What is Trillian?
> >
> > Trillian is a skinnable, interoperable instant messaging client.
> > Grab the best IM client available on the Internet today!
> > Trillian .74 is completely free, with no spyware and no ads.
> > Over 10 million downloads can't be wrong!"
>
> "Completely free". Aha. Where is the source code and a suitable license
> to modify and share modifications?
>
> "No spyware". Aha. How can we know without the source? Well, I guess we
> have to take their word.
>
> > While playing around with the recently found Gaim vulnerabilities
> > it was discovered that two of them also affect Trillian and allow
> > remote compromise.
>
> Is this a coincidence?
>
> > Details:
> >
> > While testing the developed exploits against other instant
> > messaging clients it was discovered that Trillian as one of the
> > most popular 3rd party instant client for the windows operating
> > system is indeed vulnerable to the bugs discovered in the GAIM
> > sourcecode
>
> Now I wonder if this is indeed a coincidence. I'm not too familiar with
> the protocols involved and the way code is written to utilise them, but
> doesn't the fact that the GAIM exploits work without modification on
> Trillian imply that Trillian maybe is using the parts of the same code
> as GAIM? Just a stupid question. But I really don't know. Please
> enlighten me.
>
> > The bugs in question are
> >
> > [01 - AIM/Oscar DirectIM Integer Overflow]
> >
> > When Trillian receives a DirectIM packet with a size above 8kb
> > it spawns a thread to receive the complete packet. This thread
> > allocates a buffer for the incoming packet and one extra byte.
> > This procedure suffers from an integer overflow when the size
> > is UINT_MAX and will only allocate a buffer of minimum size
> > in that case. This buffer is then filled with multiple calls to
> > recv() which will result in an arbitrary size heap overflow.
> >
> > [02 - Yahoo Packet Parser Overflow]
> >
> > A Yahoo Messenger packet consist of a header and a list of keys
> > with their associated values. When reading an oversized keyname
> > a standard stackoverflow can be triggered.
> >
> > The code below is part of Trillian since version 0.71 which was
> > released on the 18th december 2001. It was manually decompiled.
> > The variable names were taken from the GAIM source code. If you
> > compare the decompiled code with the code in yahoo.c (revision
> > 1.12 from 15th nov 2001) you will realise that it is more or
> > less identical. It is up to the reader to find an explanation
> > how this GPL licensed codesnippet ended up in Trillian.
>
> AHA! Got you. This must be pretty embarrassing for Trillian.
> Is someone from the GAIM team reading this list?
>
> [rest snipped]
>
> I'd like to know from the Trillian people how they explain this
> "coincidence". Widespread abuse of GPL software seems to become more and
> more common.
>
> kind regards,
> Tobias Weissert
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
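
The size arithmetic behind bug [01] in the quoted advisory, shown beside a checked version. This is an added example, not part of the thread and not Trillian or Gaim code. MAX_PACKET, CHUNK and all function names are assumptions, and a byte array stands in for the data recv() would deliver.

```c
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_PACKET (1u << 20) /* assumed policy cap; not from the advisory */
#define CHUNK 4096u           /* assumed per-read size */

/* The flawed pattern: "size + 1" in unsigned arithmetic wraps to 0 at UINT_MAX. */
unsigned int unchecked_alloc_size(unsigned int claimed) {
    return claimed + 1u;
}

/* Hardened: validate the claimed size before doing any arithmetic on it. */
int checked_alloc_size(unsigned int claimed, size_t *out) {
    if (claimed > MAX_PACKET)
        return -1;
    *out = (size_t)claimed + 1;
    return 0;
}

/* Stand-in for the recv() loop: src/src_len model the bytes the peer sends.
 * Every chunk is clamped to the space left in the buffer, so the copy is
 * bounded by the allocation and not by what the peer keeps sending. */
unsigned char *receive_packet(unsigned int claimed, const unsigned char *src,
                              size_t src_len, size_t *got) {
    size_t cap;
    if (checked_alloc_size(claimed, &cap) != 0)
        return NULL;
    unsigned char *buf = malloc(cap);
    if (buf == NULL)
        return NULL;
    *got = 0;
    while (*got < claimed && *got < src_len) {
        size_t n = CHUNK;
        if (n > claimed - *got) n = claimed - *got;
        if (n > src_len - *got) n = src_len - *got;
        memcpy(buf + *got, src + *got, n);
        *got += n;
    }
    buf[*got] = 0; /* the one extra byte */
    return buf;
}

int main(void) {
    printf("unchecked size for UINT_MAX: %u\n", unchecked_alloc_size(UINT_MAX));
    return 0;
}
```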
