pidgin/nest

Add all cve advisories from 2010

11 months ago, Sorvival
56acee7044a0
Parents b4241824a900
Children be3fd81e6f2b
Add all cve advisories from 2010

Testing Done:
Built locally with `dev-server.sh` and verified contents of advisories added

Bugs closed: NEST-43

Reviewed at https://reviews.imfreedom.org/r/512/
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/hugo/content/about/security/advisories/cve-2010-0013-00.md Sat Feb 13 20:12:24 2021 -0600
@@ -0,0 +1,22 @@
+---
+title: cve-2010-0013-00
+date: 2010-01-08T00:00:00.000Z
+cveNumber: cve-2010-0013
+summary: MSN file download vulnerability
+discoveredBy: Fabian Yamaguchi
+fixedInRelease: 2.6.5
+type: security
+layout: cve
+hidden: true
+---
+
+### Description
+
+The MSN protocol plugin extracts the filename of a custom emoticon from an
+incoming request and uploads that file without correlating the filename to a
+valid custom emoticon.
+
+### Mitigation
+
+Validate the custom emoticon requested is valid before uploading its file data.
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/hugo/content/about/security/advisories/cve-2010-0277-00.md Sat Feb 13 20:12:24 2021 -0600
@@ -0,0 +1,21 @@
+---
+title: cve-2010-0277-00
+date: 2010-02-18T00:00:00.000Z
+cveNumber: cve-2010-0277
+summary: MSN malformed SLP message crash
+discoveredBy: Fabian Yamaguchi
+fixedInRelease: 2.6.6
+type: security
+layout: cve
+hidden: true
+---
+
+### Description
+
+Certain malformed SLP messages can trigger a crash because the MSN protocol
+plugin fails to check that all pieces of the message are set correctly.
+
+### Mitigation
+
+Validate input before attempting to handle the message.
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/hugo/content/about/security/advisories/cve-2010-0420-00.md Sat Feb 13 20:12:24 2021 -0600
@@ -0,0 +1,23 @@
+---
+title: cve-2010-0420-00
+date: 2010-02-18T00:00:00.000Z
+cveNumber: cve-2010-0420
+summary: Finch XMPP MUC crash
+discoveredBy: Sadrul Habib Chowdhury
+fixedInRelease: 2.6.6
+type: security
+layout: cve
+hidden: true
+---
+
+### Description
+
+If a user in a multi-user chat room has a nickname containing '<br>' then
+libpurple ends up having two users with username ' ' in the room, and Finch
+crashes in this situation. We do not believe there is a possibility of remote
+code execution.
+
+### Mitigation
+
+Correctly parse '<br>' so that it appears literally rather than as ' '.
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/hugo/content/about/security/advisories/cve-2010-0423-00.md Sat Feb 13 20:12:24 2021 -0600
@@ -0,0 +1,22 @@
+---
+title: cve-2010-0423-00
+date: 2010-02-18T00:00:00.000Z
+cveNumber: cve-2010-0423
+summary: Smiley denial of service
+discoveredBy: Antti Hayrynen
+fixedInRelease: 2.6.6
+type: security
+layout: cve
+hidden: true
+---
+
+### Description
+
+oCERT notified us about a problem in Pidgin, where a large amount of processing
+time will be used when inserting many smileys into an IM or chat window. This
+should not cause a crash, but Pidgin can become unusably slow.
+
+### Mitigation
+
+A limit was added for the maximum number of smileys allowed in a conversation.
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/hugo/content/about/security/advisories/cve-2010-1624-00.md Sat Feb 13 20:12:24 2021 -0600
@@ -0,0 +1,25 @@
+---
+title: cve-2010-1624-00
+date: 2010-05-12T00:00:00.000Z
+cveNumber: cve-2010-1624
+summary: MSN emoticon denial of service
+discoveredBy: Pierre Nogu├Ęs of Meta Security
+fixedInRelease: 2.7.0
+type: security
+layout: cve
+hidden: true
+---
+
+### Description
+
+A vulnerability was discovered in libpurple's MSN protocol plugin that can cause
+a denial of service (crash) due to insufficient validation of certain SLP
+packets related to custom emoticons. An attacker could use this vulnerability to
+remotely crash a client using libpurple for MSN. It is not possible for this
+vulnerability to be exploited for code execution. As a workaround, disabling
+custom emoticons on MSN accounts will prevent the vulnerability.
+
+### Mitigation
+
+Validation has been added to the MSN plugin to prevent the crash.
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/hugo/content/about/security/advisories/cve-2010-2528-00.md Sat Feb 13 20:12:24 2021 -0600
@@ -0,0 +1,21 @@
+---
+title: cve-2010-2528-00
+date: 2010-07-21T00:00:00.000Z
+cveNumber: cve-2010-2528
+summary: ICQ X-Status denial of service
+discoveredBy: Mark Doliner
+fixedInRelease: 2.7.2
+type: security
+layout: cve
+hidden: true
+---
+
+### Description
+
+Certain incorrectly formed X-Status messages can cause libpurple to attempt to
+dereference a NULL pointer, which triggers a crash.
+
+### Mitigation
+
+Improve the parsing of the X-Status message to be more robust.
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/hugo/content/about/security/advisories/cve-2010-3711-00.md Sat Feb 13 20:12:24 2021 -0600
@@ -0,0 +1,25 @@
+---
+title: cve-2010-3711-00
+date: 2010-10-20T00:00:00.000Z
+cveNumber: cve-2010-3711
+summary: Multiple remotely-triggered denials of service
+discoveredBy: Daniel Atallah
+fixedInRelease: 2.7.4
+type: security
+layout: cve
+hidden: true
+---
+
+### Description
+
+It has been discovered that eight denial of service conditions exist in
+libpurple all due to insufficient validation of the return value from
+`purple_base64_decode()`. Invalid or malformed data received in place of a valid
+base64-encoded value in portions of the Yahoo!, MSN, MySpaceIM, and XMPP
+protocol plugins and the NTLM authentication support trigger a crash. These
+vulnerabilities can be leveraged by a remote user for denial of service.
+
+### Mitigation
+
+Check the return value from `purple_base64_decode()` before trying to use it.
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/hugo/content/about/security/advisories/cve-2010-4528-00.md Sat Feb 13 20:12:24 2021 -0600
@@ -0,0 +1,23 @@
+---
+title: cve-2010-4528-00
+date: 2010-12-26T00:00:00.000Z
+cveNumber: cve-2010-4528
+summary: MSN direct connection denial of service
+discoveredBy: Stu Tomlinson
+fixedInRelease: 2.7.9
+type: security
+layout: cve
+hidden: true
+---
+
+### Description
+
+It was discovered that libpurple 2.7.6 through 2.7.8 did not properly handle
+"short" packets in MSN direct connection sessions, leading to a crash due to a
+NULL pointer dereference. Malicious clients or users can exploit this to cause a
+denial of service (crash).
+
+### Mitigation
+
+Ignore short packets.
+