 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.52566 |
| Category: | Fedora Local Security Checks |
| Title: | Fedora Core 2 FEDORA-2005-171 (gaim) |
| Summary: | NOSUMMARY |
| Description: | Description: The remote host is missing an update to gaim announced via advisory FEDORA-2005-171. Gaim allows you to talk to anyone using a variety of messaging protocols, including AIM (Oscar and TOC), ICQ, IRC, Yahoo!, MSN Messenger, Jabber, Gadu-Gadu, Napster, and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Gaim supports many common features of other clients, as well as many unique features, such as perl scripting and C plugins. Gaim is NOT affiliated with or endorsed by America Online, Inc., Microsoft Corporation, or Yahoo! Inc. or other messaging service providers. Update Information: This update resolves another DoS issue in parsing malformed HTML, and a MSN related crash that folks were hitting often. * Thu Feb 24 2005 Warren Togami 1:1.1.4-0.FC2 - FC2 * Thu Feb 24 2005 Warren Togami 1:1.1.4-1 - 1.1.4 with MSN crash fix, g_stat() crash workaround CVE-2005-0208 Gaim HTML parsing DoS (another one) * Tue Feb 22 2005 Warren Togami 1:1.1.3-4 - Test fixes for #149190 and #149304 This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ 6214fefe3f0d1963fe8a18d4bb0d1728 SRPMS/gaim-1.1.4-0.FC2.src.rpm 6d46e456110af368feb2671666be4576 x86_64/gaim-1.1.4-0.FC2.x86_64.rpm d7fbdffb081e6bf463d8e09e027d8f02 x86_64/debug/gaim-debuginfo-1.1.4-0.FC2.x86_64.rpm 5440e0ef5ff96f16fa13a0580c1842aa i386/gaim-1.1.4-0.FC2.i386.rpm 6fccc876878f0566bffdc16d4ec2c1e5 i386/debug/gaim-debuginfo-1.1.4-0.FC2.i386.rpm This update can also be installed with the Update Agent you can launch the Update Agent with the 'up2date' command. Solution: Apply the appropriate updates. http://www.fedoranews.org/blog/index.php?p=426 Risk factor : Medium CVSS Score: 5.0 |
| Cross-Ref: |
BugTraq ID: 12660 Common Vulnerability Exposure (CVE) ID: CVE-2005-0208 http://www.securityfocus.com/bid/12660 Bugtraq: 20050225 [USN-85-1] Gaim vulnerabilities (Google Search) http://marc.info/?l=bugtraq&m=110935655500670&w=2 CERT/CC vulnerability note: VU#795812 http://www.kb.cert.org/vuls/id/795812 Conectiva Linux advisory: CLA-2005:933 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000933 http://www.securityfocus.com/archive/1/426078/100/0/threaded http://www.gentoo.org/security/en/glsa/glsa-200503-03.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:049 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10477 http://www.redhat.com/support/errata/RHSA-2005-215.html http://secunia.com/advisories/14386 SuSE Security Announcement: SUSE-SA:2005:036 (Google Search) http://www.novell.com/linux/security/advisories/2005_36_sudo.html |
| Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |