Gentoo GLSA-200701-20 Normal: Centericq Remote Code Execution

Gentoo Linux Security Advisory GLSA 200701-20 https://security.gentoo.org/ Severity: Normal Title: Centericq: Remote buffer overflow in LiveJournal handling Date: January 24, 2007 Bugs: #160793 ID: 200701-20

Synopsis ======= Centericq does not properly handle communications with the LiveJournal service, allowing for the remote execution of arbitrary code.
Background ========= Centericq is a text mode menu-driven and window-driven instant messaging interface.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-im/centericq <= 4.21.0-r2 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers.
========== When interfacing with the LiveJournal service, Centericq does not appropriately allocate memory for incoming data, in some cases creating a buffer ove...