Test ID:	1.3.6.1.4.1.25623.1.0.51626
Category:	Fedora Local Security Checks
Title:	Fedora Legacy Security Advisory FLSA-2005:2188
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory FLSA-2005:2188. A buffer overflow has been discovered in the MSN protocol handler. When receiving unexpected sequence of MSNSLP messages, it is possible that an attacker could cause an internal buffer overflow, leading to a crash or possible code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0891 to this issue. This updated gaim package also fixes multiple user interface, protocol, and error handling problems, including an ICQ communication encoding issue. Users of gaim are advised to upgrade to this updated package which contains gaim version 1.0.2 and is not vulnerable to these issues. Affected platforms: Redhat 7.3 Redhat 9 Solution: http://www.securityspace.com/smysecure/catid.html?in=FLSA-2005:2188 Risk factor : Critical CVSS Score: 10.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0891 https://bugzilla.fedora.us/show_bug.cgi?id=2188 http://www.gentoo.org/security/en/glsa/glsa-200410-23.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11790 http://www.redhat.com/support/errata/RHSA-2004-604.html https://www.ubuntu.com/usn/usn-8-1/ XForce ISS Database: gaim-file-transfer-dos(17790) https://exchange.xforce.ibmcloud.com/vulnerabilities/17790 XForce ISS Database: gaim-msn-slp-bo(17786) https://exchange.xforce.ibmcloud.com/vulnerabilities/17786 XForce ISS Database: gaim-msn-slp-dos(17787) https://exchange.xforce.ibmcloud.com/vulnerabilities/17787
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.