Red Hat Local Security Checks : RedHat Security Advisory RHSA-2005:518

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.53058

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2005:518

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2005:518.

The Gaim application is a multi-protocol instant messaging client.

Jacopo Ottaviani discovered a bug in the way Gaim handles Yahoo! Messenger
file transfers. It is possible for a malicious user to send a specially
crafted file transfer request that causes Gaim to crash. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CVE-2005-1269 to this issue.

Additionally, Hugo de Bokkenrijder discovered a bug in the way Gaim parses
MSN Messenger messages. It is possible for a malicious user to send a
specially crafted MSN Messenger message that causes Gaim to crash. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CVE-2005-1934 to this issue.

Users of gaim are advised to upgrade to this updated package, which contains
version 1.3.1 and is not vulnerable to these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2005-518.html

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-1269
13931
http://www.securityfocus.com/bid/13931
DSA-734
http://www.debian.org/security/2005/dsa-734
FLSA:158543
http://www.securityfocus.com/archive/1/426078/100/0/threaded
GLSA-200506-11
http://security.gentoo.org/glsa/glsa-200506-11.xml
MDKSA-2005:099
http://www.mandriva.com/security/advisories?name=MDKSA-2005:099
RHSA-2005:518
http://www.redhat.com/support/errata/RHSA-2005-518.html
SUSE-SA:2005:036
http://www.novell.com/linux/security/advisories/2005_36_sudo.html
USN-139-1
https://usn.ubuntu.com/139-1/
http://gaim.sourceforge.net/security/?id=18
oval:org.mitre.oval:def:744
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A744
oval:org.mitre.oval:def:9544
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9544
Common Vulnerability Exposure (CVE) ID: CVE-2005-1934
13932
http://www.securityfocus.com/bid/13932
http://sourceforge.net/tracker/index.php?func=detail&aid=1205290&group_id=235&atid=100235
oval:org.mitre.oval:def:10368
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10368
oval:org.mitre.oval:def:263
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A263

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.53058
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2005:518
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2005:518. The Gaim application is a multi-protocol instant messaging client. Jacopo Ottaviani discovered a bug in the way Gaim handles Yahoo! Messenger file transfers. It is possible for a malicious user to send a specially crafted file transfer request that causes Gaim to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1269 to this issue. Additionally, Hugo de Bokkenrijder discovered a bug in the way Gaim parses MSN Messenger messages. It is possible for a malicious user to send a specially crafted MSN Messenger message that causes Gaim to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1934 to this issue. Users of gaim are advised to upgrade to this updated package, which contains version 1.3.1 and is not vulnerable to these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-518.html Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1269 13931 http://www.securityfocus.com/bid/13931 DSA-734 http://www.debian.org/security/2005/dsa-734 FLSA:158543 http://www.securityfocus.com/archive/1/426078/100/0/threaded GLSA-200506-11 http://security.gentoo.org/glsa/glsa-200506-11.xml MDKSA-2005:099 http://www.mandriva.com/security/advisories?name=MDKSA-2005:099 RHSA-2005:518 http://www.redhat.com/support/errata/RHSA-2005-518.html SUSE-SA:2005:036 http://www.novell.com/linux/security/advisories/2005_36_sudo.html USN-139-1 https://usn.ubuntu.com/139-1/ http://gaim.sourceforge.net/security/?id=18 oval:org.mitre.oval:def:744 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A744 oval:org.mitre.oval:def:9544 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9544 Common Vulnerability Exposure (CVE) ID: CVE-2005-1934 13932 http://www.securityfocus.com/bid/13932 http://sourceforge.net/tracker/index.php?func=detail&aid=1205290&group_id=235&atid=100235 oval:org.mitre.oval:def:10368 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10368 oval:org.mitre.oval:def:263 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A263
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com