ID de Prueba:	1.3.6.1.4.1.25623.1.0.63276
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200901-13 (pidgin)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200901-13.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200901-13. Vulnerability Insight: Multiple vulnerabilities have been discovered in Pidgin, allowing for remote arbitrary code execution, Denial of Service and service spoofing. Solution: All Pidgin users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-im/pidgin-2.5.1' CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-2927 1020451 http://www.securitytracker.com/id?1020451 20080625 Pidgin 2.4.1 Vulnerability http://www.securityfocus.com/archive/1/493682 20080806 rPSA-2008-0246-1 gaim http://www.securityfocus.com/archive/1/495165/100/0/threaded 20080828 ZDI-08-054: Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability http://www.securityfocus.com/archive/1/495818/100/0/threaded 29956 http://www.securityfocus.com/bid/29956 30971 http://secunia.com/advisories/30971 31016 http://secunia.com/advisories/31016 31105 http://secunia.com/advisories/31105 31387 http://secunia.com/advisories/31387 31642 http://secunia.com/advisories/31642 32859 http://secunia.com/advisories/32859 32861 http://secunia.com/advisories/32861 ADV-2008-2032 http://www.vupen.com/english/advisories/2008/2032/references DSA-1610 http://www.debian.org/security/2008/dsa-1610 MDVSA-2008:143 http://www.mandriva.com/security/advisories?name=MDVSA-2008:143 MDVSA-2009:127 http://www.mandriva.com/security/advisories?name=MDVSA-2009:127 RHSA-2008:0584 http://www.redhat.com/support/errata/RHSA-2008-0584.html USN-675-1 http://www.ubuntu.com/usn/USN-675-1 USN-675-2 http://www.ubuntu.com/usn/USN-675-2 [oss-security] 20080703 Re: Re: CVE Request (pidgin) http://www.openwall.com/lists/oss-security/2008/07/04/1 [oss-security] 20080704 Re: Re: CVE Request (pidgin) http://www.openwall.com/lists/oss-security/2008/07/03/6 adium-msnprotocol-code-execution(44774) https://exchange.xforce.ibmcloud.com/vulnerabilities/44774 http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.c http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.c http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0246 http://www.pidgin.im/news/security/?id=25 http://www.zerodayinitiative.com/advisories/ZDI-08-054 https://bugzilla.redhat.com/show_bug.cgi?id=453764 https://issues.rpath.com/browse/RPL-2647 oval:org.mitre.oval:def:11695 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11695 oval:org.mitre.oval:def:17972 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17972 Common Vulnerability Exposure (CVE) ID: CVE-2008-2955 20080626 Pidgin 2.4.1 Vulnerability http://www.securityfocus.com/archive/1/493682/100/0/threaded 29985 http://www.securityfocus.com/bid/29985 30881 http://secunia.com/advisories/30881 33102 http://secunia.com/advisories/33102 3966 http://securityreason.com/securityalert/3966 ADV-2008-1947 http://www.vupen.com/english/advisories/2008/1947 MDVSA-2009:025 http://www.mandriva.com/security/advisories?name=MDVSA-2009:025 RHSA-2008:1023 http://www.redhat.com/support/errata/RHSA-2008-1023.html http://support.avaya.com/elmodocs2/security/ASA-2008-493.htm oval:org.mitre.oval:def:10131 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10131 oval:org.mitre.oval:def:18050 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18050 Common Vulnerability Exposure (CVE) ID: CVE-2008-2957 [oss-security] 20080627 CVE Request (pidgin) http://www.openwall.com/lists/oss-security/2008/06/27/3 http://crisp.cs.du.edu/?q=ca2007-1 oval:org.mitre.oval:def:17599 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17599 oval:org.mitre.oval:def:9076 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9076 Common Vulnerability Exposure (CVE) ID: CVE-2008-3532 30553 http://www.securityfocus.com/bid/30553 31390 http://secunia.com/advisories/31390 ADV-2008-2318 http://www.vupen.com/english/advisories/2008/2318 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492434 http://developer.pidgin.im/attachment/ticket/6500/nss-cert-verify.patch http://developer.pidgin.im/attachment/ticket/6500/nss_add_rev.patch http://developer.pidgin.im/ticket/6500 oval:org.mitre.oval:def:10979 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10979 oval:org.mitre.oval:def:18327 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18327 pidgin-ssl-spoofing(44220) https://exchange.xforce.ibmcloud.com/vulnerabilities/44220
Copyright	Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.