FreeBSD Local Security Checks : FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.52141

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

gaim
ja-gaim
ko-gaim
ru-gaim

CVE-2005-0966
The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions,
allows (1) remote attackers to inject arbitrary Gaim markup via
irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote
attackers to inject arbitrary Pango markup and pop up empty dialog
boxes via irc_msg_invite, or (3) malicious IRC servers to cause a
denial of service (application crash) by injecting certain Pango
markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown,
irc_msg_nochan functions.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
6.4

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-0966
13003
http://www.securityfocus.com/bid/13003
14815
http://secunia.com/advisories/14815
20050401 multiple remote denial of service vulnerabilities in Gaim
http://marc.info/?l=bugtraq&m=111238715307356&w=2
FLSA:158543
http://www.securityfocus.com/archive/1/426078/100/0/threaded
MDKSA-2005:071
http://www.mandriva.com/security/advisories?name=MDKSA-2005:071
RHSA-2005:365
http://www.redhat.com/support/errata/RHSA-2005-365.html
SUSE-SA:2005:036
http://www.novell.com/linux/security/advisories/2005_36_sudo.html
gaim-irc-plugin-bo(19937)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19937
gaim-ircmsginvite-dos(19939)
https://exchange.xforce.ibmcloud.com/vulnerabilities/19939
http://gaim.sourceforge.net/security/index.php?id=14
http://sourceforge.net/project/shownotes.php?group_id=235&release_id=317750
oval:org.mitre.oval:def:9185
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9185

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.52141
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: gaim ja-gaim ko-gaim ru-gaim CVE-2005-0966 The IRC protocol plugin in Gaim 1.2.0, and possibly earlier versions, allows (1) remote attackers to inject arbitrary Gaim markup via irc_msg_kick, irc_msg_mode, irc_msg_part, irc_msg_quit, (2) remote attackers to inject arbitrary Pango markup and pop up empty dialog boxes via irc_msg_invite, or (3) malicious IRC servers to cause a denial of service (application crash) by injecting certain Pango markup into irc_msg_badmode, irc_msg_banned, irc_msg_unknown, irc_msg_nochan functions. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0966 13003 http://www.securityfocus.com/bid/13003 14815 http://secunia.com/advisories/14815 20050401 multiple remote denial of service vulnerabilities in Gaim http://marc.info/?l=bugtraq&m=111238715307356&w=2 FLSA:158543 http://www.securityfocus.com/archive/1/426078/100/0/threaded MDKSA-2005:071 http://www.mandriva.com/security/advisories?name=MDKSA-2005:071 RHSA-2005:365 http://www.redhat.com/support/errata/RHSA-2005-365.html SUSE-SA:2005:036 http://www.novell.com/linux/security/advisories/2005_36_sudo.html gaim-irc-plugin-bo(19937) https://exchange.xforce.ibmcloud.com/vulnerabilities/19937 gaim-ircmsginvite-dos(19939) https://exchange.xforce.ibmcloud.com/vulnerabilities/19939 http://gaim.sourceforge.net/security/index.php?id=14 http://sourceforge.net/project/shownotes.php?group_id=235&release_id=317750 oval:org.mitre.oval:def:9185 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9185
Copyright	Copyright (C) 2008 E-Soft Inc.