Red Hat Local Security Checks : RedHat Security Advisory RHSA-2005:429

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.52631

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2005:429

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2005:429.

The Gaim application is a multi-protocol instant messaging client.

A stack based buffer overflow bug was found in the way gaim processes a
message containing a URL. A remote attacker could send a carefully crafted
message resulting in the execution of arbitrary code on a victim's machine.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2005-1261 to this issue.

A bug was found in the way gaim handles malformed MSN messages. A remote
attacker could send a carefully crafted MSN message causing gaim to crash.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2005-1262 to this issue.

Users of Gaim are advised to upgrade to this updated package which contains
backported patches and is not vulnerable to these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2005-429.html

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-1261
13590
http://www.securityfocus.com/bid/13590
ADV-2005-0519
http://www.vupen.com/english/advisories/2005/0519
FLSA:158543
http://www.securityfocus.com/archive/1/426078/100/0/threaded
RHSA-2005:429
http://www.redhat.com/support/errata/RHSA-2005-429.html
RHSA-2005:432
http://www.redhat.com/support/errata/RHSA-2005-432.html
http://gaim.sourceforge.net/security/index.php?id=16
oval:org.mitre.oval:def:10725
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10725
Common Vulnerability Exposure (CVE) ID: CVE-2005-1262
13591
http://www.securityfocus.com/bid/13591
SUSE-SA:2005:036
http://www.novell.com/linux/security/advisories/2005_36_sudo.html
http://gaim.sourceforge.net/security/index.php?id=17
oval:org.mitre.oval:def:10861
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10861

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.52631
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2005:429
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2005:429. The Gaim application is a multi-protocol instant messaging client. A stack based buffer overflow bug was found in the way gaim processes a message containing a URL. A remote attacker could send a carefully crafted message resulting in the execution of arbitrary code on a victim's machine. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1261 to this issue. A bug was found in the way gaim handles malformed MSN messages. A remote attacker could send a carefully crafted MSN message causing gaim to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1262 to this issue. Users of Gaim are advised to upgrade to this updated package which contains backported patches and is not vulnerable to these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-429.html Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1261 13590 http://www.securityfocus.com/bid/13590 ADV-2005-0519 http://www.vupen.com/english/advisories/2005/0519 FLSA:158543 http://www.securityfocus.com/archive/1/426078/100/0/threaded RHSA-2005:429 http://www.redhat.com/support/errata/RHSA-2005-429.html RHSA-2005:432 http://www.redhat.com/support/errata/RHSA-2005-432.html http://gaim.sourceforge.net/security/index.php?id=16 oval:org.mitre.oval:def:10725 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10725 Common Vulnerability Exposure (CVE) ID: CVE-2005-1262 13591 http://www.securityfocus.com/bid/13591 SUSE-SA:2005:036 http://www.novell.com/linux/security/advisories/2005_36_sudo.html http://gaim.sourceforge.net/security/index.php?id=17 oval:org.mitre.oval:def:10861 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10861
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com