ID de Prueba:	1.3.6.1.4.1.25623.1.0.52632
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2005:432
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2005:432. The Gaim application is a multi-protocol instant messaging client. A stack based buffer overflow bug was found in the way gaim processes a message containing a URL. A remote attacker could send a carefully crafted message resulting in the execution of arbitrary code on a victim's machine. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1261 to this issue. A bug in the way Gaim processes SNAC packets was discovered. It is possible that a remote attacker could send a specially crafted SNAC packet to a Gaim client, causing the client to stop responding. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0472 to this issue. Users of Gaim are advised to upgrade to this updated package which contains gaim version 0.59.9 with backported patches to correct these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-432.html Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0472 12589 http://www.securityfocus.com/bid/12589 14322 http://secunia.com/advisories/14322 20050225 [USN-85-1] Gaim vulnerabilities http://marc.info/?l=bugtraq&m=110935655500670&w=2 CLA-2005:933 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000933 DSA-716 http://www.debian.org/security/2005/dsa-716 FLSA:158543 http://www.securityfocus.com/archive/1/426078/100/0/threaded GLSA-200503-03 http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml MDKSA-2005:049 http://www.mandriva.com/security/advisories?name=MDKSA-2005:049 RHSA-2005:215 http://www.redhat.com/support/errata/RHSA-2005-215.html RHSA-2005:432 http://www.redhat.com/support/errata/RHSA-2005-432.html SUSE-SA:2005:036 http://www.novell.com/linux/security/advisories/2005_36_sudo.html VU#839280 http://www.kb.cert.org/vuls/id/839280 gaim-snac-dos(19380) https://exchange.xforce.ibmcloud.com/vulnerabilities/19380 http://gaim.sourceforge.net/security/index.php?id=10 oval:org.mitre.oval:def:10433 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10433 Common Vulnerability Exposure (CVE) ID: CVE-2005-1261 13590 http://www.securityfocus.com/bid/13590 ADV-2005-0519 http://www.vupen.com/english/advisories/2005/0519 RHSA-2005:429 http://www.redhat.com/support/errata/RHSA-2005-429.html http://gaim.sourceforge.net/security/index.php?id=16 oval:org.mitre.oval:def:10725 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10725
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.