Denial of Service : Pidgin MSN Protocol Plugin DoS Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.800423

Categoría: Denial of Service

Título: Pidgin MSN Protocol Plugin DoS Vulnerability - Windows

Resumen: Pidgin is prone to a denial of service (DoS) vulnerability.

Descripción: Summary:
Pidgin is prone to a denial of service (DoS) vulnerability.

Vulnerability Insight:
This issue is due to an error in 'slp.c' within the 'MSN protocol plugin'
in 'libpurple' when processing MSN request.

Vulnerability Impact:
Attackers can exploit this issue to cause a denial of service (memory corruption)
or possibly have unspecified other impact via unknown vectors.

Affected Software/OS:
Pidgin version prior to 2.6.4 on Windows.

Solution:
Upgrade to Pidgin version 2.6.6 or later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-0277
BugTraq ID: 38294
http://www.securityfocus.com/bid/38294
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035332.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035409.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035347.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:041
http://www.mandriva.com/security/advisories?name=MDVSA-2010:085
http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html
http://www.openwall.com/lists/oss-security/2010/01/07/2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18348
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9421
RedHat Security Advisories: RHSA-2010:0115
https://rhn.redhat.com/errata/RHSA-2010-0115.html
http://secunia.com/advisories/38563
http://secunia.com/advisories/38640
http://secunia.com/advisories/38658
http://secunia.com/advisories/38712
http://secunia.com/advisories/38915
http://secunia.com/advisories/41868
SuSE Security Announcement: SUSE-SR:2010:006 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html
http://www.ubuntu.com/usn/USN-902-1
http://www.vupen.com/english/advisories/2010/0413
http://www.vupen.com/english/advisories/2010/1020
http://www.vupen.com/english/advisories/2010/2693

Copyright Copyright (C) 2010 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.800423
Categoría:	Denial of Service
Título:	Pidgin MSN Protocol Plugin DoS Vulnerability - Windows
Resumen:	Pidgin is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: Pidgin is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: This issue is due to an error in 'slp.c' within the 'MSN protocol plugin' in 'libpurple' when processing MSN request. Vulnerability Impact: Attackers can exploit this issue to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. Affected Software/OS: Pidgin version prior to 2.6.4 on Windows. Solution: Upgrade to Pidgin version 2.6.6 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0277 BugTraq ID: 38294 http://www.securityfocus.com/bid/38294 http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035332.html http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035409.html http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035347.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:041 http://www.mandriva.com/security/advisories?name=MDVSA-2010:085 http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html http://www.openwall.com/lists/oss-security/2010/01/07/2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18348 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9421 RedHat Security Advisories: RHSA-2010:0115 https://rhn.redhat.com/errata/RHSA-2010-0115.html http://secunia.com/advisories/38563 http://secunia.com/advisories/38640 http://secunia.com/advisories/38658 http://secunia.com/advisories/38712 http://secunia.com/advisories/38915 http://secunia.com/advisories/41868 SuSE Security Announcement: SUSE-SR:2010:006 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html http://www.ubuntu.com/usn/USN-902-1 http://www.vupen.com/english/advisories/2010/0413 http://www.vupen.com/english/advisories/2010/1020 http://www.vupen.com/english/advisories/2010/2693
Copyright	Copyright (C) 2010 Greenbone AG