CVE-2012-2369 - Use of Externally-Controlled Format String vulnerability in Cypherpunks Pidgin-Otr 3.1.0/3.2.0
- Attack vector: UNKNOWN
- Attack complexity: UNKNOWN
- Privileges required: UNKNOWN
- Confidentiality impact: UNKNOWN
- Integrity impact: UNKNOWN
- Availability impact: UNKNOWN
Summary
Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 3.2.1 for Pidgin might allow remote attackers to execute arbitrary code via format string specifiers in data that generates a log message.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 2 |
Application | | 1 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Format String Injection: An attacker includes formatting characters in a string input field on the target application. Most applications assume that users will provide static text and may respond unpredictably to the presence of formatting characters. For example, in certain functions of the C programming language such as printf, the formatting character %s will print the contents of a memory location expecting this location to identify a string and the formatting character %n prints the number of DWORD written in the memory. An attacker can use this to read or write to memory locations or files, or simply to manipulate the value of the resulting text in unexpected ways. Reading or writing memory may result in program crashes and writing memory could result in the execution of arbitrary code if the attacker can write to the program stack.
- String Format Overflow in syslog(): This attack targets the format string vulnerabilities in the syslog() function. An attacker would typically inject malicious input in the format string parameter of the syslog function. This is a common problem, and many public vulnerabilities and associated exploits have been posted.
Nessus
- Pidgin OTR < 3.2.1 Format String
  - NASL family: Windows
  - NASL id: PIDGIN_OTR_3_2_1.NASL
  - description: The version of Pidgin OTR (Off-the-Record) installed on the remote Windows host is prior to 3.2.1 and is, therefore, affected by a format string vulnerability that could allow a remote attacker to execute arbitrary code on the affected host.
  - last seen: 2020-06-01
  - modified: 2020-06-02
  - plugin id: 59195
  - published: 2012-05-18
  - reporter: This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
  - source: https://www.tenable.com/plugins/nessus/59195
- FreeBSD : pidgin-otr -- format string vulnerability (aa71daaa-9f8c-11e1-bd0a-0082a0c18826)
  - NASL family: FreeBSD Local Security Checks
  - NASL id: FREEBSD_PKG_AA71DAAA9F8C11E1BD0A0082A0C18826.NASL
  - description: The authors report: Versions 3.2.0 and earlier of the pidgin-otr plugin contain a format string security flaw. This flaw could potentially be exploited by a remote attacker to cause arbitrary code to be executed on the user
  - last seen: 2020-06-01
  - modified: 2020-06-02
  - plugin id: 59168
  - published: 2012-05-17
  - reporter: This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
  - source: https://www.tenable.com/plugins/nessus/59168
- SuSE 11.1 Security Update : pidgin-otr (SAT Patch Number 6380)
  - NASL family: SuSE Local Security Checks
  - NASL id: SUSE_11_PIDGIN-OTR-120604.NASL
  - description: A format string flaw in pidgin-otr could have caused a denial of service condition or even potentially allowed attackers to execute arbitrary code. This has been fixed.
  - last seen: 2020-06-05
  - modified: 2013-01-25
  - plugin id: 64212
  - published: 2013-01-25
  - reporter: This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
  - source: https://www.tenable.com/plugins/nessus/64212
- Fedora 16 : pidgin-otr-3.2.1-1.fc16 (2012-8063)
  - NASL family: Fedora Local Security Checks
  - NASL id: FEDORA_2012-8063.NASL
  - description: New release addresses Format string vulnerability CVE-2012-2369. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
  - last seen: 2020-03-17
  - modified: 2012-05-21
  - plugin id: 59205
  - published: 2012-05-21
  - reporter: This script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
  - source: https://www.tenable.com/plugins/nessus/59205
- Fedora 17 : pidgin-otr-3.2.1-1.fc17 (2012-7948)
  - NASL family: Fedora Local Security Checks
  - NASL id: FEDORA_2012-7948.NASL
  - description: New release addresses Format string vulnerability CVE-2012-2369. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
  - last seen: 2020-03-17
  - modified: 2012-05-29
  - plugin id: 59272
  - published: 2012-05-29
  - reporter: This script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
  - source: https://www.tenable.com/plugins/nessus/59272
- Debian DSA-2476-1 : pidgin-otr - format string vulnerability
  - NASL family: Debian Local Security Checks
  - NASL id: DEBIAN_DSA-2476.NASL
  - description: intrigeri discovered a format string error in pidgin-otr, an Off-the-Record Messaging plugin for Pidgin. This could be exploited by a remote attacker to cause arbitrary code to be executed on the user
  - last seen: 2020-03-17
  - modified: 2012-05-22
  - plugin id: 59215
  - published: 2012-05-22
  - reporter: This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  - source: https://www.tenable.com/plugins/nessus/59215
- openSUSE Security Update : pidgin-otr (openSUSE-SU-2012:0717-1)
  - NASL family: SuSE Local Security Checks
  - NASL id: OPENSUSE-2012-314.NASL
  - description: pidgin-otr was prone to a format string flaw in log_message_cb
  - last seen: 2020-06-05
  - modified: 2014-06-13
  - plugin id: 74646
  - published: 2014-06-13
  - reporter: This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  - source: https://www.tenable.com/plugins/nessus/74646
- GLSA-201207-05 : pidgin-otr: Arbitrary code execution
  - NASL family: Gentoo Local Security Checks
  - NASL id: GENTOO_GLSA-201207-05.NASL
  - description: The remote host is affected by the vulnerability described in GLSA-201207-05 (pidgin-otr: Arbitrary code execution) A format string vulnerability has been found in the
  - last seen: 2020-06-01
  - modified: 2020-06-02
  - plugin id: 59897
  - published: 2012-07-10
  - reporter: This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
  - source: https://www.tenable.com/plugins/nessus/59897
References
- http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00003.html
- http://openwall.com/lists/oss-security/2012/05/16/2
- http://security.gentoo.org/glsa/glsa-201207-05.xml
- http://www.debian.org/security/2012/dsa-2476