Test ID: 1.3.6.1.4.1.25623.1.0.51855
Category: Conectiva Local Security Checks
Title: Conectiva Security Advisory CLA-2005:933
Summary: NOSUMMARY
Description:

The remote host is missing updates announced in
advisory CLA-2005:933.

Gaim[1] is a multi-protocol instant messaging (IM) client.

This announcement fixes three denial of service vulnerabilities that
were encountered in Gaim.

The fixed vulnerabilities are:

CVE-2005-0472[2]: Gaim before 1.1.3 allows remote attackers to cause
a denial of service (infinite loop) via malformed SNAC packets from
AIM or ICQ.

CVE-2005-0473[3]: The HTML parsing functions in Gaim before 1.1.3
allow remote attackers to cause a denial of service (application
crash) via malformed HTML that causes an invalid memory access.

CVE-2005-0208[4]: The HTML parsing functions in Gaim before 1.1.4
allow remote attackers to cause a denial of service (application
crash) via malformed HTML that causes an invalid memory access. This
vulnerability is different from CVE-2005-0473.

For further information on Gaim's vulnerabilities, please refer to
the project's security page[5].


Solution:
The apt tool can be used to perform RPM package upgrades
by running 'apt-get update' followed by 'apt-get upgrade'.

http://gaim.sourceforge.net/
http://gaim.sourceforge.net/security/
http://www.securityspace.com/smysecure/catid.html?in=CLA-2005:933
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000933

Risk factor : Medium

CVSS Score:
5.0

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2005-0472
12589
http://www.securityfocus.com/bid/12589
14322
http://secunia.com/advisories/14322
20050225 [USN-85-1] Gaim vulnerabilities
http://marc.info/?l=bugtraq&m=110935655500670&w=2
CLA-2005:933
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000933
DSA-716
http://www.debian.org/security/2005/dsa-716
FLSA:158543
http://www.securityfocus.com/archive/1/426078/100/0/threaded
GLSA-200503-03
http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml
MDKSA-2005:049
http://www.mandriva.com/security/advisories?name=MDKSA-2005:049
RHSA-2005:215
http://www.redhat.com/support/errata/RHSA-2005-215.html
RHSA-2005:432
http://www.redhat.com/support/errata/RHSA-2005-432.html
SUSE-SA:2005:036
http://www.novell.com/linux/security/advisories/2005_36_sudo.html
VU#839280
http://www.kb.cert.org/vuls/id/839280
gaim-snac-dos(19380)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19380
http://gaim.sourceforge.net/security/index.php?id=10
oval:org.mitre.oval:def:10433
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10433
Common Vulnerability Exposure (CVE) ID: CVE-2005-0473
VU#523888
http://www.kb.cert.org/vuls/id/523888
gaim-html-dos(19381)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19381
http://gaim.sourceforge.net/security/index.php?id=11
oval:org.mitre.oval:def:10212
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10212
Common Vulnerability Exposure (CVE) ID: CVE-2005-0208
BugTraq ID: 12660
http://www.securityfocus.com/bid/12660
Bugtraq: 20050225 [USN-85-1] Gaim vulnerabilities (Google Search)
CERT/CC vulnerability note: VU#795812
http://www.kb.cert.org/vuls/id/795812
Conectiva Linux advisory: CLA-2005:933
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10477
http://secunia.com/advisories/14386
SuSE Security Announcement: SUSE-SA:2005:036 (Google Search)
Copyright: Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com
