Test ID:	1.3.6.1.4.1.25623.1.0.50347
Category:	Fedora Local Security Checks
Title:	Fedora Core 1 FEDORA-2004-278 (gaim)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to gaim announced via advisory FEDORA-2004-278. Gaim allows you to talk to anyone using a variety of messaging protocols, including AIM (Oscar and TOC), ICQ, IRC, Yahoo!, MSN Messenger, Jabber, Gadu-Gadu, Napster, and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Gaim supports many common features of other clients, as well as many unique features, such as perl scripting and C plugins. Gaim is NOT affiliated with or endorsed by America Online, Inc., Microsoft Corporation, or Yahoo! Inc. or other messaging service providers. Update Information: 0.82 update contains many bug and security improvements. * Wed Aug 25 2004 Warren Togami 0.82-0.FC1 - FC1 update * Wed Aug 25 2004 Warren Togami 0.82-1 - Update to 0.82 resolves several security issues and bugs CVE-2004-0500, CVE-2004-0754, CVE-2004-0784, CVE-2004-0785 More details at http://gaim.sourceforge.net/security/ This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/ 174ca09c008c59371289bb66e4e2632b SRPMS/gaim-0.82-0.FC1.src.rpm 9226eca202c3f8e40ca8dc0765b6a3f9 x86_64/gaim-0.82-0.FC1.x86_64.rpm e23da9cd2592709a6c392c50deca5124 x86_64/debug/gaim-debuginfo-0.82-0.FC1.x86_64.rpm d1a69928d1cf56234af3d507c328f826 i386/gaim-0.82-0.FC1.i386.rpm c3d68d0bd2913e436621bf5a59dbdc34 i386/debug/gaim-debuginfo-0.82-0.FC1.i386.rpm This update can also be installed with the Update Agent you can launch the Update Agent with the 'up2date' command. Solution: Apply the appropriate updates. http://www.fedoranews.org/updates/FEDORA-2004-278.shtml Risk factor : Critical CVSS Score: 10.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0500 BugTraq ID: 10865 http://www.securityfocus.com/bid/10865 http://www.fedoranews.org/updates/FEDORA-2004-278.shtml http://www.fedoranews.org/updates/FEDORA-2004-279.shtml http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:081 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9429 http://www.redhat.com/support/errata/RHSA-2004-400.html SuSE Security Announcement: SUSE-SA:2004:025 (Google Search) http://www.novell.com/linux/security/advisories/2004_25_gaim.html XForce ISS Database: gaim-msn-bo(16920) https://exchange.xforce.ibmcloud.com/vulnerabilities/16920 Common Vulnerability Exposure (CVE) ID: CVE-2004-0574 Bugtraq: 20041012 CORE-2004-0802: IIS NNTP Service XPAT Command Vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=109761632831563&w=2 CERT/CC vulnerability note: VU#203126 http://www.kb.cert.org/vuls/id/203126 Computer Incident Advisory Center Bulletin: P-012 http://www.ciac.org/ciac/bulletins/p-012.shtml http://www.coresecurity.com/common/showdoc.php?idx=420&idxseccion=10 Microsoft Security Bulletin: MS04-036 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-036 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A246 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4392 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5070 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5926 XForce ISS Database: win-ms04036-patch(17661) https://exchange.xforce.ibmcloud.com/vulnerabilities/17661 XForce ISS Database: win-nntp-bo(17641) https://exchange.xforce.ibmcloud.com/vulnerabilities/17641 Common Vulnerability Exposure (CVE) ID: CVE-2004-0784 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10008 XForce ISS Database: gaim-smiley-command-execution(17144) https://exchange.xforce.ibmcloud.com/vulnerabilities/17144 Common Vulnerability Exposure (CVE) ID: CVE-2004-0785 BugTraq ID: 11056 http://www.securityfocus.com/bid/11056 http://www.osvdb.org/9261 http://www.osvdb.org/9262 http://www.osvdb.org/9263 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10907 http://securitytracker.com/id?1011083 http://secunia.com/advisories/12383 http://secunia.com/advisories/12480 http://secunia.com/advisories/12929 http://secunia.com/advisories/13101 XForce ISS Database: gaim-hostname-bo(17142) https://exchange.xforce.ibmcloud.com/vulnerabilities/17142 XForce ISS Database: gaim-rtf-bo(17141) https://exchange.xforce.ibmcloud.com/vulnerabilities/17141 XForce ISS Database: gaim-url-bo(17143) https://exchange.xforce.ibmcloud.com/vulnerabilities/17143
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.