Test ID:	1.3.6.1.4.1.25623.1.0.66109
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200910-02 (pidgin)
Summary:	The remote host is missing updates announced in;advisory GLSA 200910-02.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200910-02. Vulnerability Insight: Multiple vulnerabilities have been discovered in Pidgin, leading to the remote execution of arbitrary code, unauthorized information disclosure, or Denial of Service. Solution: All Pidgin users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose =net-im/pidgin-2.5.9-r1 CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1376 35067 http://www.securityfocus.com/bid/35067 35188 http://secunia.com/advisories/35188 35194 http://secunia.com/advisories/35194 35202 http://secunia.com/advisories/35202 35215 http://secunia.com/advisories/35215 35294 http://secunia.com/advisories/35294 35329 http://secunia.com/advisories/35329 35330 http://secunia.com/advisories/35330 37071 http://secunia.com/advisories/37071 ADV-2009-1396 http://www.vupen.com/english/advisories/2009/1396 DSA-1805 http://debian.org/security/2009/dsa-1805 FEDORA-2009-5552 https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00033.html FEDORA-2009-5583 https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00051.html FEDORA-2009-5597 https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00075.html GLSA-200905-07 http://www.gentoo.org/security/en/glsa/glsa-200905-07.xml MDVSA-2009:140 http://www.mandriva.com/security/advisories?name=MDVSA-2009:140 MDVSA-2009:173 http://www.mandriva.com/security/advisories?name=MDVSA-2009:173 RHSA-2009:1059 http://www.redhat.com/support/errata/RHSA-2009-1059.html RHSA-2009:1060 http://www.redhat.com/support/errata/RHSA-2009-1060.html USN-781-1 http://www.ubuntu.com/usn/USN-781-1 USN-781-2 http://www.ubuntu.com/usn/USN-781-2 http://www.pidgin.im/news/security/?id=32 https://bugzilla.redhat.com/show_bug.cgi?id=500493 oval:org.mitre.oval:def:10476 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10476 oval:org.mitre.oval:def:18432 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18432 pidgin-msn-slp-bo(50680) https://exchange.xforce.ibmcloud.com/vulnerabilities/50680 Common Vulnerability Exposure (CVE) ID: CVE-2009-1889 35530 http://www.securityfocus.com/bid/35530 35693 http://secunia.com/advisories/35693 35697 http://secunia.com/advisories/35697 35706 http://secunia.com/advisories/35706 ADV-2009-1749 http://www.vupen.com/english/advisories/2009/1749 FEDORA-2009-7359 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00162.html FEDORA-2009-7370 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00176.html FEDORA-2009-7415 https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00228.html RHSA-2009:1139 http://www.redhat.com/support/errata/RHSA-2009-1139.html USN-796-1 http://www.ubuntu.com/usn/USN-796-1 [devel] 20090528 [patch] libpurple/protocols/oscar: OOM and die on misparsed ICQWebMessage as ICQSMS http://pidgin.im/pipermail/devel/2009-May/008227.html http://developer.pidgin.im/ticket/9483 https://bugzilla.redhat.com/show_bug.cgi?id=508738 oval:org.mitre.oval:def:10004 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10004 pidgin-oscar-dos(51448) https://exchange.xforce.ibmcloud.com/vulnerabilities/51448 Common Vulnerability Exposure (CVE) ID: CVE-2009-2694 Debian Security Information: DSA-1870 (Google Search) http://www.debian.org/security/2009/dsa-1870 http://www.exploit-db.com/exploits/9615 http://www.coresecurity.com/content/libpurple-arbitrary-write https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10319 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6320 RedHat Security Advisories: RHSA-2009:1218 https://rhn.redhat.com/errata/RHSA-2009-1218.html http://secunia.com/advisories/36384 http://secunia.com/advisories/36392 http://secunia.com/advisories/36401 http://secunia.com/advisories/36402 http://secunia.com/advisories/36708 http://sunsolve.sun.com/search/document.do?assetkey=1-66-266908-1 http://www.vupen.com/english/advisories/2009/2303 http://www.vupen.com/english/advisories/2009/2663 Common Vulnerability Exposure (CVE) ID: CVE-2009-3026 BugTraq ID: 36368 http://www.securityfocus.com/bid/36368 http://www.openwall.com/lists/oss-security/2009/08/24/2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11070 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5757 XForce ISS Database: pidgin-libpurple-weak-security(53000) https://exchange.xforce.ibmcloud.com/vulnerabilities/53000
Copyright	Copyright (C) 2009 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.