
mirandaim-overflows.txt

Posted Oct 23, 2007
Authored by David Wharton | Site secureworks.com

Multiple buffer overflow vulnerabilities exist in Miranda IM, a popular open source instant messaging client. Versions 0.6.8 and 0.7.0 are vulnerable.

tags | advisory, overflow, vulnerability
advisories | CVE-2007-5542, CVE-2007-5543
SHA-256 | bcc23b2b842f75348ba44544a081549ace83baa1db1d2016e85ff4a230a1f0f6

Miranda IM Multiple Buffer Overflow Vulnerabilities



***Summary***

Multiple buffer overflow vulnerabilities exist in Miranda IM, a popular
open source instant messaging client.



***Scope***

These vulnerabilities have been verified in the following Miranda IM
version(s):



0.6.8

0.7.0



Note: one vulnerability in version 0.6.8 was fixed in version 0.7.0.



***Description***

Miranda IM is a popular open source instant messaging client that
supports a wide range of protocols. Multiple buffer overflow
vulnerabilities have been found in Miranda IM, including a remotely
triggered stack-based overflow in the code that implements the Yahoo!
Messenger protocol. A maliciously crafted Yahoo! Messenger packet could
overflow a buffer on the stack and lead to arbitrary code execution.



***Recommendations***

Upgrade to version 0.7.1 or later of the Miranda IM client. Also, remote
exploitation of the vulnerabilities can be prevented by blocking Yahoo!
Messenger traffic on your network.





***Credits***

David Wharton is a security researcher with SecureWorks' Research Team
and is working on his M.S. in Information Security degree from Georgia
Tech.



***About SecureWorks***

With over 1,800 clients, SecureWorks is one of the leading managed
security services providers in the market. The research and advisory
firm, Gartner, Inc., recently positioned SecureWorks in the Leaders
quadrant in its Managed Security Services Provider (MSSP) Magic Quadrant
for the first half of 2007 and Forrester Research cited SecureWorks as
the "MSSP with the largest market share of customers in North America"
in their recent Wave report. SecureWorks provides effective security
services by leveraging our integrated security management platform,
advanced security research, and 100 percent GIAC certified experts. By
providing a full breadth of security services, SecureWorks offers
fully-managed, co-managed, monitored or self-service security solutions
to meet the needs of Fortune 100 companies with large security teams as
well as smaller companies with no security expertise. In addition,
SecureWorks has helped companies pass over 2,400 compliance audits by
providing comprehensive and straightforward board and examination
reports. SecureWorks won SC Magazine's 2007 and 2006 MSSP of the Year
award and the 2006 Best Intrusion Prevention award, Frost & Sullivan's
2006 Entrepreneurial Company of the Year award and was named to the
Deloitte & Touche, Inc. 500 and Inc. 5000 lists of fastest growing
companies for the past three years. Recently, SecureWorks made #92 on
Entrepreneur Magazine's list of the Hot 500 fastest growing businesses
in the US.



***References***

SecureWorks Announcement

http://secureworks.com/research/threats/miranda/



Miranda IM

http://www.miranda-im.org/



Miranda IM v0.7.1 announcement

http://www.miranda-im.org/2007/10/18/miranda-im-v071-released/



Official Yahoo! Messenger Site

http://messenger.yahoo.com/



CVE-2007-5542 (affects version 0.6.8 only)

CVE-2007-5543 (affects versions 0.6.8 and 0.7.0)



***CVSS Scoring (version 2.0)***

Note: this is calculated for the remotely exploitable vulnerabilities
only.



CVSS Base Score: 8.0

Overall CVSS Score: 8.0




