ID de Prueba:	1.3.6.1.4.1.25623.1.0.53915
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2004-239-01)
Resumen:	The remote host is missing an update for the 'gaim' package(s) announced via the SSA:2004-239-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'gaim' package(s) announced via the SSA:2004-239-01 advisory. Vulnerability Insight: New gaim packages are available for Slackware 9.1, 10.0 and -current to fix several security issues. Sites that use GAIM should upgrade to the new version. Here are the details from the Slackware 10.0 ChangeLog: +--------------------------+ Thu Aug 26 17:14:09 PDT 2004 patches/packages/gaim-0.82-i486-1.tgz: Upgraded to gaim-0.82 and gaim-encryption-2.29. Fixes several security issues: Content-length DOS (malloc error) (no CAN ID on this one) MSN strncpy buffer overflow (CAN-2004-0500) Groupware message receive integer overflow (CAN-2004-0754) Smiley theme installation lack of escaping (CAN-2004-0784) RTF message buffer overflow, Local hostname resolution buffer overflow, URL decode buffer overflow (these 3 are CAN-2004-0785) For more details, see: [links moved to references] (* Security fix *) +--------------------------+ Affected Software/OS: 'gaim' package(s) on Slackware 9.1, Slackware 10.0, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0500 BugTraq ID: 10865 http://www.securityfocus.com/bid/10865 http://www.fedoranews.org/updates/FEDORA-2004-278.shtml http://www.fedoranews.org/updates/FEDORA-2004-279.shtml http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:081 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9429 http://www.redhat.com/support/errata/RHSA-2004-400.html SuSE Security Announcement: SUSE-SA:2004:025 (Google Search) http://www.novell.com/linux/security/advisories/2004_25_gaim.html XForce ISS Database: gaim-msn-bo(16920) https://exchange.xforce.ibmcloud.com/vulnerabilities/16920 Common Vulnerability Exposure (CVE) ID: CVE-2004-0754 BugTraq ID: 11056 http://www.securityfocus.com/bid/11056 http://www.osvdb.org/9260 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10220 http://securitytracker.com/id?1011083 http://secunia.com/advisories/12383 http://secunia.com/advisories/12480 http://secunia.com/advisories/13101 XForce ISS Database: gaim-groupware-integer-overflow(17140) https://exchange.xforce.ibmcloud.com/vulnerabilities/17140 Common Vulnerability Exposure (CVE) ID: CVE-2004-0784 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10008 XForce ISS Database: gaim-smiley-command-execution(17144) https://exchange.xforce.ibmcloud.com/vulnerabilities/17144 Common Vulnerability Exposure (CVE) ID: CVE-2004-0785 http://www.osvdb.org/9261 http://www.osvdb.org/9262 http://www.osvdb.org/9263 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10907 http://secunia.com/advisories/12929 XForce ISS Database: gaim-hostname-bo(17142) https://exchange.xforce.ibmcloud.com/vulnerabilities/17142 XForce ISS Database: gaim-rtf-bo(17141) https://exchange.xforce.ibmcloud.com/vulnerabilities/17141 XForce ISS Database: gaim-url-bo(17143) https://exchange.xforce.ibmcloud.com/vulnerabilities/17143
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.