
Trillian Protocol Handling Buffer Overflow Vulnerabilities

Feb 24, 2004 11:31PM PST

Secunia Advisory: SA10973
Release Date: 2004-02-25
Critical: Moderately critical
Impact: System access
Where: From remote

Software: Trillian 0.x
Trillian Pro 1.x
Trillian Pro 2.x

Description:
Stefan Esser has discovered two vulnerabilities in Trillian, which can be exploited by malicious people to compromise a user's system.

An integer overflow exists in the handling of the AIM/Oscar Protocol when allocating memory for DirectIM packets. This can be exploited to corrupt the heap by sending a specially crafted DirectIM packet to a user's system.

A boundary error when parsing Yahoo packets can result in a buffer overflow. This can be exploited by sending a specially crafted YMSG packet with an overly long key name to a vulnerable system. Exploitation of this issue requires the ability to conduct a MitM attack (Man-in-the-Middle).

Successful exploitation of the vulnerabilities may allow execution of arbitrary code on a vulnerable system with the user's privileges.

The vulnerabilities have been reported in the following versions:
* Trillian 0.71 through 0.74F
* Trillian Pro 1.0
* Trillian Pro 2.0
* Trillian Pro 2.01

Solution:
Update to Trillian 0.74G, Trillian Pro 2.011, or apply patches.
http://www.trillian.cc/downloads/

http://secunia.com/advisories/10973/
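
An added example, not part of the original post and not Trillian's code: the two bug classes the advisory names (a length-driven allocation that can wrap, and a key name copied without a bound), written in their hardened form in C. The function names, the `MAX_IM_BODY` and `MAX_KEY_LEN` limits, the 32-bit length field and the `0xC0 0x80` key separator are assumptions made for illustration; the advisory does not give field layouts.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_IM_BODY (64u * 1024u) /* assumed policy limit, not from the advisory */
#define MAX_KEY_LEN 15u           /* assumed cap on a key name */

/* Allocate body + NUL for a peer-declared 32-bit length; NULL means reject.
 * Unchecked, declared_len + 1 in 32-bit arithmetic wraps to 0 for 0xFFFFFFFF
 * and a later copy of the body runs off a tiny heap block. */
char *alloc_im_body(uint32_t declared_len, size_t received_len)
{
    if (declared_len > MAX_IM_BODY)          /* bound first: rules out the wrap */
        return NULL;
    if ((size_t)declared_len > received_len) /* never trust more than arrived */
        return NULL;
    return calloc((size_t)declared_len + 1u, 1);
}

/* Copy the key name that precedes the first separator into a fixed buffer.
 * Returns the key length, or -1 if it is unterminated or longer than the cap. */
int copy_key(const uint8_t *pkt, size_t pkt_len, char out[MAX_KEY_LEN + 1])
{
    for (size_t i = 0; i + 1 < pkt_len && i <= MAX_KEY_LEN; i++) {
        if (pkt[i] == 0xC0 && pkt[i + 1] == 0x80) { /* assumed separator */
            memcpy(out, pkt, i);
            out[i] = '\0';
            return (int)i;
        }
    }
    return -1;
}

int main(void)
{
    /* Constructed sample inputs. */
    const uint8_t ok[] = {'1', '4', 0xC0, 0x80, 'h', 'i', 0xC0, 0x80};
    uint8_t longkey[64];
    char key[MAX_KEY_LEN + 1];
    memset(longkey, 'A', sizeof longkey);
    char *body = alloc_im_body(5, 5);
    printf("declared 5: %s\n", body ? "accepted" : "rejected");
    free(body);
    printf("declared 0xFFFFFFFF: %s\n", alloc_im_body(0xFFFFFFFFu, 16) ? "accepted" : "rejected");
    printf("short key: %d\n", copy_key(ok, sizeof ok, key));
    printf("long key: %d\n", copy_key(longkey, sizeof longkey, key));
    return 0;
}
```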
