Vulnerabilities > CVE-2002-0384 - Unspecified vulnerability in ROB Flynn Gaim

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
rob-flynn
nessus

Summary

Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.

Nessus

  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2002-054.NASL
    descriptionVersions of Gaim (an AOL instant message client) prior to 0.58 contain a buffer overflow in the Jabber plug-in module. As well, a vulnerability was discovered in the URL-handling code, where the
    last seen2020-06-01
    modified2020-06-02
    plugin id13956
    published2004-07-31
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/13956
    titleMandrake Linux Security Advisory : gaim (MDKSA-2002:054-1)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandrake Linux Security Advisory MDKSA-2002:054. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(13956);
      script_version ("1.24");
      script_cvs_date("Date: 2019/08/02 13:32:46");
    
      script_cve_id("CVE-2002-0384", "CVE-2002-0989");
      script_bugtraq_id(5406, 5574);
      script_xref(name:"MDKSA", value:"2002:054-1");
    
      script_name(english:"Mandrake Linux Security Advisory : gaim (MDKSA-2002:054-1)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Mandrake Linux host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Versions of Gaim (an AOL instant message client) prior to 0.58 contain
    a buffer overflow in the Jabber plug-in module. As well, a
    vulnerability was discovered in the URL-handling code, where the
    'manual' browser command passes an untrusted string to the shell
    without reliable quoting or escaping. This allows an attacker to
    execute arbitrary commands on the user's machine with the user's
    permissions. Those using the built-in browser commands are not
    vulnerable.
    
    Update :
    
    The 8.1 package had an incorrect dependency on perl. This package has
    been replaced with a proper package. Please note the differing md5
    sums."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://gaim.sourceforge.net/ChangeLog"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected gaim package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gaim");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2002/09/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/31");
      script_set_attribute(attribute:"vuln_publication_date", value:"2002/08/07");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"gaim-0.59.1-1.1mdk", yank:"mdk")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2002-122.NASL
    descriptionUpdated gaim packages are now available for Red Hat Linux Advanced Server. These updates fix a buffer overflow in the Jabber plug-in module. Gaim is an instant messaging client based on the published TOC protocol from AOL. Versions of gaim prior to 0.58 contain a buffer overflow in the Jabber plug-in module. Users of gaim should update to these errata packages containing gaim 0.59 which is not vulnerable to this issue. Please note that gaim version 0.57 had an additional security problem which has been fixed in version 0.58 (CVE-2002-0377); however, Red Hat Linux Advanced Server did not ship with version 0.57 and was not vulnerable to this issue. [update 14 Aug 2002] Previous packages pushed were not signed, this update replaces the packages with signed versions
    last seen2020-06-01
    modified2020-06-02
    plugin id12633
    published2004-07-06
    reporterThis script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/12633
    titleRHEL 2.1 : gaim (RHSA-2002:122)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2002:122. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(12633);
      script_version ("1.26");
      script_cvs_date("Date: 2019/10/25 13:36:09");
    
      script_cve_id("CVE-2002-0384");
      script_xref(name:"RHSA", value:"2002:122");
    
      script_name(english:"RHEL 2.1 : gaim (RHSA-2002:122)");
      script_summary(english:"Checks the rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated gaim packages are now available for Red Hat Linux Advanced
    Server. These updates fix a buffer overflow in the Jabber plug-in
    module.
    
    Gaim is an instant messaging client based on the published TOC
    protocol from AOL. Versions of gaim prior to 0.58 contain a buffer
    overflow in the Jabber plug-in module.
    
    Users of gaim should update to these errata packages containing gaim
    0.59 which is not vulnerable to this issue.
    
    Please note that gaim version 0.57 had an additional security problem
    which has been fixed in version 0.58 (CVE-2002-0377); however, Red Hat
    Linux Advanced Server did not ship with version 0.57 and was not
    vulnerable to this issue.
    
    [update 14 Aug 2002] Previous packages pushed were not signed, this
    update replaces the packages with signed versions"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2002-0384"
      );
      # http://gaim.sourceforge.net/ChangeLog
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.pidgin.im/ChangeLog"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2002:122"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected gaim package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gaim");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:2.1");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2002/10/04");
      script_set_attribute(attribute:"patch_publication_date", value:"2002/08/20");
      script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/06");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^2\.1([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 2.1", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    if (cpu !~ "^i[3-6]86$") audit(AUDIT_ARCH_NOT, "i386", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2002:122";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"gaim-0.59-0.2.1.1")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gaim");
      }
    }
    

Redhat

advisories
  • rhsa
    idRHSA-2002:098
  • rhsa
    idRHSA-2002:107
  • rhsa
    idRHSA-2002:122
  • rhsa
    idRHSA-2003:156