That's huge. I just disabled MSN.
On Thu, 28 Aug 2008, Paul Ferguson wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > FYI. > > - - ferg > > [forwarded message] > > From: [EMAIL PROTECTED] > To: [EMAIL PROTECTED], [EMAIL PROTECTED] > > > ZDI-08-054: Multiple Vendor libpurple MSN Protocol SLP Message Heap > Overflow Vulnerability > http://www.zerodayinitiative.com/advisories/ZDI-08-054 > August 28, 2008 > > - -- CVE ID: > CVE-2008-2927 > > - -- Affected Vendors: > Adium > Pidgin > > - -- Affected Products: > Adium Adiumx > Pidgin Pidgin > > - -- Vulnerability Details: > This vulnerability allows remote attackers to execute arbitrary code on > systems with vulnerable installations of messaging applications that > make use of the libpurple library. User interaction is not required to > exploit this vulnerability. > > The specific flaw exists in the implementation of the MSN protocol, > specifically the handling of SLP messages. The function > msn_slplink_process_msg() fails to properly validate an offset value > specified in the SLP packet. By providing a specific value, an attacker > can overflow a heap buffer resulting in arbitrary code execution. > > - -- Vendor Response: > Pidgin has issued an update to correct this vulnerability. More > details can be found at: > > http://www.pidgin.im/news/security/?id=25 > > - -- Disclosure Timeline: > 2008-05-27 - Vulnerability reported to vendor > 2008-08-28 - Coordinated public release of advisory > > - -- Credit: > This vulnerability was discovered by: > * Anonymous > > - -- About the Zero Day Initiative (ZDI): > Established by TippingPoint, The Zero Day Initiative (ZDI) represents > a best-of-breed model for rewarding security researchers for responsibly > disclosing discovered vulnerabilities. > > Researchers interested in getting paid for their security research > through the ZDI can find more information and sign-up at: > > http://www.zerodayinitiative.com > > The ZDI is unique in how the acquired vulnerability information is > used. TippingPoint does not re-sell the vulnerability details or any > exploit code. Instead, upon notifying the affected product vendor, > TippingPoint provides its customers with zero day protection through > its intrusion prevention technology. Explicit details regarding the > specifics of the vulnerability are not exposed to any parties until > an official vendor patch is publicly available. Furthermore, with the > altruistic aim of helping to secure a broader user base, TippingPoint > provides this vulnerability information confidentially to security > vendors (including competitors) who have a vulnerability protection or > mitigation product. > > Our vulnerability disclosure policy is available online at: > > http://www.zerodayinitiative.com/advisories/disclosure_policy/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > [end] > > -----BEGIN PGP SIGNATURE----- > Version: PGP Desktop 9.6.3 (Build 3017) > > wj8DBQFItw5/q1pz9mNUZTMRAiIeAKCk2GTUjT1A/fwSTgXSYWcGBVlQ6ACgtqZN > eYa/wG/vi0HvzgacNPVUJAo= > =CrOU > -----END PGP SIGNATURE----- > > -- > "Fergie", a.k.a. Paul Ferguson > Engineering Architecture for the Internet > fergdawg(at)netzero.net > ferg's tech blog: http://fergdawg.blogspot.com/ > > > _______________________________________________ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. > _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
