Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.850416 |
Category: | SuSE Local Security Checks |
Title: | openSUSE: Security Advisory for pidgin (openSUSE-SU-2013:0405-1) |
Summary: | The remote host is missing an update for the 'pidgin'; package(s) announced via the referenced advisory. |
Description: | Summary: The remote host is missing an update for the 'pidgin' package(s) announced via the referenced advisory. Vulnerability Insight: pidgin was updated to fix security issues: - Fix a crash when receiving UPnP responses with abnormally long values. (CVE-2013-0274) - Fix a crash in Sametime when a malicious server sends us an abnormally long user ID. (CVE-2013-0273) - Fix a bug where the MXit server or a man-in-the-middle could potentially send specially crafted data that could overflow a buffer and lead to a crash or remote code execution.(CVE-2013-0272) - Fix a bug where a remote MXit user could possibly specify a local file path to be written to. (CVE-2013-0271) Affected Software/OS: pidgin on openSUSE 12.1 Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2013-0271 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18386 SuSE Security Announcement: SUSE-SU-2013:0388 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00003.html SuSE Security Announcement: openSUSE-SU-2013:0405 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00006.html http://www.ubuntu.com/usn/USN-1746-1 Common Vulnerability Exposure (CVE) ID: CVE-2013-0272 BugTraq ID: 57951 http://www.securityfocus.com/bid/57951 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17474 SuSE Security Announcement: openSUSE-SU-2013:0407 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00007.html Common Vulnerability Exposure (CVE) ID: CVE-2013-0273 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18340 Common Vulnerability Exposure (CVE) ID: CVE-2013-0274 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18221 |
Copyright | Copyright (C) 2013 Greenbone Networks GmbH |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |