CVE-2012-2369 - Use of Externally-Controlled Format String vulnerability in Cypherpunks Pidgin-Otr 3.2.0

CVSS 7.5 - HIGH
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: PARTIAL
Tags: network, low complexity, cypherpunks, pidgin, CWE-134, nessus

Summary

Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 3.2.1 for Pidgin might allow remote attackers to execute arbitrary code via format string specifiers in data that generates a log message.

Vulnerable Configurations

Part | Description | Count
Application | Cypherpunks | 1
Application | Pidgin | 1

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Format String Injection
    An attacker includes formatting characters in a string input field on the target application. Most applications assume that users will provide static text and may respond unpredictably to the presence of formatting characters. For example, in certain functions of the C programming language such as printf, the formatting character %s will print the contents of a memory location, expecting this location to identify a string, and the formatting character %n prints the number of DWORD written in the memory. An attacker can use this to read or write to memory locations or files, or simply to manipulate the value of the resulting text in unexpected ways. Reading or writing memory may result in program crashes, and writing memory could result in the execution of arbitrary code if the attacker can write to the program stack.
  • String Format Overflow in syslog()
    This attack targets the format string vulnerabilities in the syslog() function. An attacker would typically inject malicious input in the format string parameter of the syslog function. This is a common problem, and many public vulnerabilities and associated exploits have been posted.

Nessus

  • NASL family: Windows
    NASL id: PIDGIN_OTR_3_2_1.NASL
    description: The version of Pidgin OTR (Off-the-Record) installed on the remote Windows host is prior to 3.2.1 and is, therefore, affected by a format string vulnerability that could allow a remote attacker to execute arbitrary code on the affected host.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 59195
    published: 2012-05-18
    reporter: This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/59195
    title: Pidgin OTR < 3.2.1 Format String
  • NASL family: FreeBSD Local Security Checks
    NASL id: FREEBSD_PKG_AA71DAAA9F8C11E1BD0A0082A0C18826.NASL
    description: The authors report: Versions 3.2.0 and earlier of the pidgin-otr plugin contain a format string security flaw. This flaw could potentially be exploited by a remote attacker to cause arbitrary code to be executed on the user
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 59168
    published: 2012-05-17
    reporter: This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/59168
    title: FreeBSD : pidgin-otr -- format string vulnerability (aa71daaa-9f8c-11e1-bd0a-0082a0c18826)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_11_PIDGIN-OTR-120604.NASL
    description: A format string flaw in pidgin-otr could have caused a denial of service condition or even potentially allowed attackers to execute arbitrary code. This has been fixed.
    last seen: 2020-06-05
    modified: 2013-01-25
    plugin id: 64212
    published: 2013-01-25
    reporter: This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/64212
    title: SuSE 11.1 Security Update : pidgin-otr (SAT Patch Number 6380)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2012-8063.NASL
    description: New release addresses Format string vulnerability CVE-2012-2369. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-03-17
    modified: 2012-05-21
    plugin id: 59205
    published: 2012-05-21
    reporter: This script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/59205
    title: Fedora 16 : pidgin-otr-3.2.1-1.fc16 (2012-8063)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2012-7948.NASL
    description: New release addresses Format string vulnerability CVE-2012-2369. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-03-17
    modified: 2012-05-29
    plugin id: 59272
    published: 2012-05-29
    reporter: This script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/59272
    title: Fedora 17 : pidgin-otr-3.2.1-1.fc17 (2012-7948)
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-2476.NASL
    description: intrigeri discovered a format string error in pidgin-otr, an Off-the-Record Messaging plugin for Pidgin. This could be exploited by a remote attacker to cause arbitrary code to be executed on the user
    last seen: 2020-03-17
    modified: 2012-05-22
    plugin id: 59215
    published: 2012-05-22
    reporter: This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/59215
    title: Debian DSA-2476-1 : pidgin-otr - format string vulnerability
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2012-314.NASL
    description: pidgin-otr was prone to a format string flaw in log_message_cb
    last seen: 2020-06-05
    modified: 2014-06-13
    plugin id: 74646
    published: 2014-06-13
    reporter: This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/74646
    title: openSUSE Security Update : pidgin-otr (openSUSE-SU-2012:0717-1)
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-201207-05.NASL
    description: The remote host is affected by the vulnerability described in GLSA-201207-05 (pidgin-otr: Arbitrary code execution) A format string vulnerability has been found in the
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 59897
    published: 2012-07-10
    reporter: This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/59897
    title: GLSA-201207-05 : pidgin-otr: Arbitrary code execution