CVE-2005-2448
CVSS5.0
发布时间 :2005-08-03 00:00:00
修订时间 :2016-10-17 23:27:25
NMCOPS    

[原文]Multiple "endianness errors" in libgadu in ekg before 1.6rc2 allow remote attackers to cause a denial of service (invalid behavior in applications) on big-endian systems.


[CNNVD]EKG libgadu 多个远程整数溢出漏洞(CNNVD-200508-022)

        Eksperymentalny Klient Gadu-Gadu(EKG)是一款支持Gadu-Gadu的通信客户端程序。
        EKG libgadu中存在多个远程整数溢出漏洞,攻击者可以利用这个漏洞执行任意机器代码。失败的攻击尝试可能导致拒绝服务。起因是在内存分配和拷贝操作中使用用户输入数据之前没有正确的执行过滤。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:ekg:ekg:1.5
cpe:/a:ekg:ekg:1.4
cpe:/a:ekg:ekg:1.3
cpe:/a:ekg:ekg:1.1
cpe:/a:ekg:ekg:1.6_rc1
cpe:/a:ekg:ekg:2005-04-11
cpe:/a:ekg:ekg:2005-06-05

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:11263Multiple "endianness errors" in libgadu in ekg before 1.6rc2 allow remote attackers to cause a denial of service (invalid behavior in applic...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2448
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2448
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200508-022
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=112198499417250&w=2
(UNKNOWN)  BUGTRAQ  20050721 Multiple vulnerabilities in libgadu and ekg package
http://www.debian.org/security/2005/dsa-813
(UNKNOWN)  DEBIAN  DSA-813
http://www.debian.org/security/2007/dsa-1318
(UNKNOWN)  DEBIAN  DSA-1318
http://www.securityfocus.com/bid/14415
(UNKNOWN)  BID  14415
http://www.securityfocus.com/bid/24600
(UNKNOWN)  BID  24600

- 漏洞信息

EKG libgadu 多个远程整数溢出漏洞
中危 其他
2005-08-03 00:00:00 2005-10-20 00:00:00
远程  
        Eksperymentalny Klient Gadu-Gadu(EKG)是一款支持Gadu-Gadu的通信客户端程序。
        EKG libgadu中存在多个远程整数溢出漏洞,攻击者可以利用这个漏洞执行任意机器代码。失败的攻击尝试可能导致拒绝服务。起因是在内存分配和拷贝操作中使用用户输入数据之前没有正确的执行过滤。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        http://www.debian.org/security/2005/dsa-767
        

- 漏洞信息 (F57309)

Debian Linux Security Advisory 1318-1 (PacketStormID:F57309)
2007-06-26 00:00:00
Debian  debian.org
advisory,remote,vulnerability
linux,debian
CVE-2005-2370,CVE-2005-2448,CVE-2007-1663,CVE-2007-1664,CVE-2007-1665
[点击下载]

Debian Security Advisory 1318-1 - Several remote vulnerabilities have been discovered in ekg, a console Gadu Gadu client.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1318-1                    security@debian.org
http://www.debian.org/security/                         Moritz Muehlenhoff
June 22nd, 2007                         http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : ekg
Vulnerability  : several
Problem-Type   : remote
Debian-specific: no
CVE ID         : CVE-2005-2370 CVE-2005-2448 CVE-2007-1663 CVE-2007-1664 CVE-2007-1665

Several remote vulnerabilities have been discovered in ekg, a console
Gadu Gadu client. The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2005-2370

    It was discovered that memory alignment errors may allow remote
    attackers to cause a denial of service on certain architectures
    such as sparc. This only affects Debian Sarge.

CVE-2005-2448

    It was discovered that several endianess errors may allow remote
    attackers to cause a denial of service. This only affects 
    Debian Sarge.

CVE-2007-1663

    It was discovered that a memory leak in handling image messages may
    lead to denial of service. This only affects Debian Etch.

CVE-2007-1664

    It was discovered that a null pointer deference in the token OCR code
    may lead to denial of service. This only affects Debian Etch.

CVE-2007-1665

    It was discovered that a memory leak in the token OCR code may lead
    to denial of service. This only affects Debian Etch.

For the oldstable distribution (sarge) these problems have been fixed in
version 1.5+20050411-7. This updates lacks updated packages for the m68k
architecture. They will be provided later.

For the stable distribution (etch) these problems have been fixed
in version 1:1.7~rc2-1etch1.

For the unstable distribution (sid) these problems have been fixed in
version 1:1.7~rc2-2.

We recommend that you upgrade your ekg packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7.dsc
      Size/MD5 checksum:      755 c13c5003913b5a6826a2318ff6457466
    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7.diff.gz
      Size/MD5 checksum:    43213 bbcdcf5b7acf8df37c6557fb3caf65f2
    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411.orig.tar.gz
      Size/MD5 checksum:   495079 bc246779de6f6c97f289e60b60db6c14

  Alpha architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_alpha.deb
      Size/MD5 checksum:   313386 5f9e1df11e20416d456550fbc7272b6b
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_alpha.deb
      Size/MD5 checksum:   154124 fbfb2b2dac00fd0b8f8d520a034808e1
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_alpha.deb
      Size/MD5 checksum:    70480 bbc1774ca41b284d7077075b2e54e094

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_amd64.deb
      Size/MD5 checksum:   280046 8afce052b5a90e52d98bb5056b4c3677
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_amd64.deb
      Size/MD5 checksum:   129478 cb4c07f3a023501dc4282a949ae6f0c3
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_amd64.deb
      Size/MD5 checksum:    64766 91cb2126b68ad573beb3cf71a10a4862

  ARM architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_arm.deb
      Size/MD5 checksum:   268022 8e83e14d2221e43e0f84d21004ecdc6e
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_arm.deb
      Size/MD5 checksum:   129516 75f62242848fcd8c04a769d8b2b70fb3
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_arm.deb
      Size/MD5 checksum:    62650 9f1005a1902d5f088f8916113da1d9fa

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_hppa.deb
      Size/MD5 checksum:   288256 2f760288780881eff8c000a7d5287ab7
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_hppa.deb
      Size/MD5 checksum:   135902 42d5b64ede073387c03f914c2f3b9a7d
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_hppa.deb
      Size/MD5 checksum:    69330 31208354bcb32e72e812f773cb5bd582

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_i386.deb
      Size/MD5 checksum:   269760 fee79fac0639b2b80cb8e29df80b267c
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_i386.deb
      Size/MD5 checksum:   126480 a428c99fb8b13a9ae1c691cc5d65420e
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_i386.deb
      Size/MD5 checksum:    63604 be480904f42852892049fa980a8ba521

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_ia64.deb
      Size/MD5 checksum:   355486 6425e823262700c3d06d6dc28bd5a889
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_ia64.deb
      Size/MD5 checksum:   150436 02a50df61a2fe956ba62e76367c169c7
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_ia64.deb
      Size/MD5 checksum:    80364 1fef77a49dd87394b691b5623c72607b

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_mips.deb
      Size/MD5 checksum:   281056 d819d23c9ef923a282e74af566013761
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_mips.deb
      Size/MD5 checksum:   132178 1d2366458dd2e9c7d6d507adde131308
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_mips.deb
      Size/MD5 checksum:    61982 83ae72d761312226134db573f078ab83

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_mipsel.deb
      Size/MD5 checksum:   280690 314d213d4296f1a231e8534becff7405
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_mipsel.deb
      Size/MD5 checksum:   132164 8d7c1227c0f36c33a0952765e9f2dca4
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_mipsel.deb
      Size/MD5 checksum:    61972 f1b286a5c481f1ea487af4c6c9864d23

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_powerpc.deb
      Size/MD5 checksum:   280810 a123142acdbf773bfbcff1a55584aa19
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_powerpc.deb
      Size/MD5 checksum:   131878 0635d337c8bae23f613448d560acc61d
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_powerpc.deb
      Size/MD5 checksum:    65974 2736e6c7114bcd6a281f5a7e2e43351a

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_s390.deb
      Size/MD5 checksum:   279310 3a9db64ccd003295eadd2c1d0b9b640e
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_s390.deb
      Size/MD5 checksum:   128964 9d7752770b05bafdf8e8ea09eb58a15f
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_s390.deb
      Size/MD5 checksum:    64442 729126714688fa21a339b8d22a545bd2

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_sparc.deb
      Size/MD5 checksum:   269676 a07e3241c1d7cb106bfb8e3002665757
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_sparc.deb
      Size/MD5 checksum:   128524 2b66271a6ef4c18fc040832145a1e83b
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_sparc.deb
      Size/MD5 checksum:    64668 90418a7aeea9c7ce980de5c46e871a9f

Debian GNU/Linux 4.0 alias etch
- -------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1.dsc
      Size/MD5 checksum:      750 f776cbffc3c5757239311f68cbb06863
    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1.diff.gz
      Size/MD5 checksum:    36873 1ed9055534fa44d865262b14f8b30341
    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2.orig.tar.gz
      Size/MD5 checksum:   514073 b4ea482130e163af1456699e2e6983d9

  Alpha architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_alpha.deb
      Size/MD5 checksum:   319638 61b5664b0460876546de510fbd0059a9
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_alpha.deb
      Size/MD5 checksum:   160798 6d3bdb00bb1432e45423f832337f6087
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_alpha.deb
      Size/MD5 checksum:    74902 46be93166fa4c5a293ac71d89777fed8

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_amd64.deb
      Size/MD5 checksum:   299404 03a5d6a3e922b849f20029a8ff7998f4
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_amd64.deb
      Size/MD5 checksum:   135146 41b387de4cf01fe6da695594c94b20aa
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_amd64.deb
      Size/MD5 checksum:    69188 a463fefd5a7ba02d63d2ce30274d4aa1

  ARM architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_arm.deb
      Size/MD5 checksum:   286656 b54c96a818dd03ca8495fdf695344b3d
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_arm.deb
      Size/MD5 checksum:   131622 91543dea78bcd279f0bff1e19e75822b
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_arm.deb
      Size/MD5 checksum:    67496 83b69e379ed35e86555c5dda94ce7a63

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_hppa.deb
      Size/MD5 checksum:   309102 6d63580fbeff38010fc50c41e8586ead
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_hppa.deb
      Size/MD5 checksum:   141536 aaac39e76b748763e8fd0cfa98d8dde8
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_hppa.deb
      Size/MD5 checksum:    73240 ad652a0bf5df9f67dd3836af637d89f2

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_i386.deb
      Size/MD5 checksum:   282332 cea1b184efefb7454b6c0b25a3e8d875
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_i386.deb
      Size/MD5 checksum:   131262 ab42291b25f3501983ea1fa3e61e5832
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_i386.deb
      Size/MD5 checksum:    67370 28242d8c48f5cf14b7cdd1dff1c8f44d

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_ia64.deb
      Size/MD5 checksum:   394586 75bf8f5b8890dffbc539d79105f31896
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_ia64.deb
      Size/MD5 checksum:   157904 d2891a73971207417313c5217cba4641
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_ia64.deb
      Size/MD5 checksum:    86568 d760ad9563615e5a76f46f50ba87b94e

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_mips.deb
      Size/MD5 checksum:   297038 8bf5b347f3b25110a7fe7e0b9a171899
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_mips.deb
      Size/MD5 checksum:   140652 6cb382cf6a63b5b02701b60b9ca0d6a2
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_mips.deb
      Size/MD5 checksum:    66324 8bd8e1c3a08ef2f59a4127c60bccae7a

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_mipsel.deb
      Size/MD5 checksum:   297042 f5b2271e9e64c0fd2de08569b7a4fcae
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_mipsel.deb
      Size/MD5 checksum:   140598 ab9c505c30d97a14e92d283f4e42a861
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_mipsel.deb
      Size/MD5 checksum:    66384 7ac15a45f175d9e7dd0d9e9ff7387a27

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_powerpc.deb
      Size/MD5 checksum:   297622 22e279870a880ac1c6dfc71ac42f30bb
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_powerpc.deb
      Size/MD5 checksum:   136040 fdd5e885773c0dcf69f25e810f2e4bbc
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_powerpc.deb
      Size/MD5 checksum:    69932 49df2e6b8d5435e12d8eb6ff2881ab4a

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_s390.deb
      Size/MD5 checksum:   302738 1653f57ea628f86c96568c64847dc176
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_s390.deb
      Size/MD5 checksum:   134614 6801cc3c2cfbf17f41284ef351d6d6c8
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_s390.deb
      Size/MD5 checksum:    69440 d63382b49cb1f66af8f9bac116a701f5

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_sparc.deb
      Size/MD5 checksum:   286648 93f735711c69d3add89f6c58050b426c
    http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_sparc.deb
      Size/MD5 checksum:   133128 515716db148f7292a7793672bc6cff1f
    http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_sparc.deb
      Size/MD5 checksum:    67892 59f7df3b28746ba3943b465cfaa8f7b1


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGfEFhXm3vHE4uyloRAv9/AKDEte+fsrFBf4A/G+1mPImx3XUpKACguq0+
MjOH56NLrMDywrUd1VZovL8=
=pKfV
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
    

- 漏洞信息

18127
libgadu on Big-Endian Architecture Unspecified Issue
Location Unknown Attack Type Unknown
Exploit Unknown

- 漏洞描述

Unknown or Incomplete

- 时间线

2005-07-21 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 1.6rc3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

EKG Libgadu Multiple Memory Alignment Remote Denial of Service Vulnerabilities
Failure to Handle Exceptional Conditions 14415
Yes No
2005-07-21 12:00:00 2007-06-23 05:08:00
Discovery is credited to Szymon Zygmunt and Micha Bartoszkiewicz.

- 受影响的程序版本

Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Slackware Linux 10.1
Slackware Linux 10.0
Slackware Linux 9.1
Slackware Linux 9.0
Slackware Linux -current
SGI ProPack 3.0 SP6
Rob Flynn Gaim 1.2.1
+ Conectiva Linux 10.0
+ Conectiva Linux 9.0
+ Gentoo Linux
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Red Hat Enterprise Linux AS 4
+ Red Hat Enterprise Linux AS 3
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 4
+ RedHat Enterprise Linux WS 3
RedHat Linux 9.0 i386
RedHat Linux 7.3 i686
RedHat Linux 7.3 i386
RedHat Linux 7.3
RedHat Desktop 4.0
RedHat Desktop 3.0
Red Hat Fedora Core4
Red Hat Fedora Core3
Red Hat Fedora Core2
Red Hat Fedora Core1
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
ekg ekg 1.6 rc2
ekg ekg 1.6 rc1
ekg ekg 1.5
ekg ekg 1.4
ekg ekg 1.3
ekg ekg 1.1
ekg ekg 2005-06-05 22:03
ekg ekg 2005-04-11
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Conectiva Linux 10.0
Centericq Centericq 4.20
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
ekg ekg 1.6 rc3

- 不受影响的程序版本

ekg ekg 1.6 rc3

- 漏洞讨论

EKG 'libgadu' is susceptible to multiple remote denial-of-service vulnerabilities.

A malformed incoming message can trigger a bus error and lead to a crash.

Note that these issues do not affect the application running on x86 architecture.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

Vendor upgrades are available. Please see the referenced advisories for more information.


Slackware Linux -current

ekg ekg 2005-04-11

ekg ekg 2005-06-05 22:03

ekg ekg 1.1

Rob Flynn Gaim 1.2.1

ekg ekg 1.3

ekg ekg 1.4

ekg ekg 1.5

ekg ekg 1.6 rc2

ekg ekg 1.6 rc1

Conectiva Linux 10.0

SGI ProPack 3.0 SP6

Centericq Centericq 4.20

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站