
SANS ISC: Vulnerability in Pidgin, patch! SANS ISC InfoSec Forums


Time for your daily patch.

CORE Security Technologies published a vulnerability in libpurple.  Libpurple is the backend framework for many instant messenger clients: Pidgin, Finch, Adium, Meebo, and Gaim, among others.

Although CORE specifically mentions only Gaim, libpurple, Pidgin, and Adium, the other libpurple-based clients may be vulnerable as well.

Versions of libpurple <= 2.5.8 (Pidgin <= 2.5.8 and Adium <= 1.3.5) are vulnerable.  The vulnerability is in the function msn_slplink_process_msg(), which handles instant messages from the MSN network.

All it takes to exploit this vulnerability is for you to receive a message from another MSN user.  They do not have to be on your buddy list.  Setting your buddy list so that only specific users are allowed to contact you is the only mitigation step (other than patching or logging off of the MSN network).


Upgrade to a version of your respective IM client that is based on Pidgin.  Non-vulnerable versions of libpurple are >= 2.5.9.
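To apply the version cut-offs above across an inventory, here is an added example (not part of the original diary or of any project it mentions) that compares versions numerically, so that a release such as 2.5.10 is not mistaken for one older than 2.5.8. The inventory entries and the REVIEW/NOT_LISTED labels are assumptions; clients the diary names without a version threshold are flagged for manual review.

```python
import re

# Thresholds as stated in the diary: last vulnerable release per product.
LAST_VULNERABLE = {
    "libpurple": (2, 5, 8),
    "pidgin": (2, 5, 8),
    "adium": (1, 3, 5),
}
# Named in the diary as libpurple-based, but with no version threshold given.
LIBPURPLE_BASED_NO_THRESHOLD = {"finch", "meebo", "gaim"}


def parse_version(text):
    """Return the leading dotted-numeric version as a tuple of ints, or None."""
    m = re.match(r"\s*v?(\d+(?:\.\d+)*)", text)
    if not m:
        return None
    return tuple(int(p) for p in m.group(1).split("."))


def triage(product, version_text):
    """Classify one inventory entry as VULNERABLE, OK, REVIEW or NOT_LISTED."""
    name = product.strip().lower()
    if name in LIBPURPLE_BASED_NO_THRESHOLD:
        return "REVIEW"  # check the bundled libpurple version by hand
    if name not in LAST_VULNERABLE:
        return "NOT_LISTED"
    version = parse_version(version_text)
    if version is None:
        return "REVIEW"  # unparseable version string
    limit = LAST_VULNERABLE[name]
    # Pad to equal length so "2.5" compares as 2.5.0, then compare numerically.
    width = max(len(version), len(limit))
    pad = lambda v: v + (0,) * (width - len(v))
    return "VULNERABLE" if pad(version) <= pad(limit) else "OK"


# Constructed sample inventory (hostnames and versions are made up).
INVENTORY = [
    ("ws-01", "Pidgin", "2.5.8"),
    ("ws-02", "Pidgin", "2.5.10"),
    ("ws-03", "Adium", "1.3.5"),
    ("ws-04", "libpurple", "2.5.9"),
    ("ws-05", "Finch", "2.5.8"),
]

if __name__ == "__main__":
    for host, product, version in INVENTORY:
        print(f"{host}\t{product} {version}\t{triage(product, version)}")
```

Distribution packages may carry a backported fix under an older version number, so a VULNERABLE result for a packaged build should be confirmed against the vendor's changelog.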

-- Joel Esler


Aug 20th 2009
