Summary MSN strncpy buffer overflow
Date 2004-08-22
CVE Number CVE-2004-0500
Discovered By Sebastian Krahmer, SUSE Security Team
Fixed In Release 0.82


In two places in the MSN protocol plugins (object.c and slp.c), strncpy was used incorrectly. The size of the array was not checked before copying to it. Both bugs affect MSN’s MSNSLP protocol, which is peer-to-peer, so this could potentially be easy to exploit.


Bounds checking was added in both places.

Looking to reach us via XMPP? Check out the new PidginChat service!