ID de Prueba:	1.3.6.1.4.1.25623.1.0.69187
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2010:0890
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2010:0890. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. Multiple NULL pointer dereference flaws were found in the way Pidgin handled Base64 decoding. A remote attacker could use these flaws to crash Pidgin if the target Pidgin user was using the Yahoo! Messenger Protocol, MSN, MySpace, or Extensible Messaging and Presence Protocol (XMPP) protocol plug-ins, or using the Microsoft NT LAN Manager (NTLM) protocol for authentication. (CVE-2010-3711) Red Hat would like to thank the Pidgin project for reporting these issues. Upstream acknowledges Daniel Atallah as the original reporter. All Pidgin users should upgrade to these updated packages, which contain a backported patch to resolve these issues. Pidgin must be restarted for this update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2010-0890.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : Medium CVSS Score: 4.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-3711 BugTraq ID: 44283 http://www.securityfocus.com/bid/44283 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050227.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050133.html http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050695.html http://www.mandriva.com/security/advisories?name=MDVSA-2010:208 http://www.osvdb.org/68773 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18506 http://www.redhat.com/support/errata/RHSA-2010-0788.html http://www.redhat.com/support/errata/RHSA-2010-0890.html http://securitytracker.com/id?1024623 http://secunia.com/advisories/41893 http://secunia.com/advisories/41899 http://secunia.com/advisories/42075 http://secunia.com/advisories/42294 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.462352 http://www.ubuntu.com/usn/USN-1014-1 http://www.vupen.com/english/advisories/2010/2753 http://www.vupen.com/english/advisories/2010/2754 http://www.vupen.com/english/advisories/2010/2755 http://www.vupen.com/english/advisories/2010/2847 http://www.vupen.com/english/advisories/2010/2851 http://www.vupen.com/english/advisories/2010/2870 XForce ISS Database: pidgin-purplebase64decode-dos(62708) https://exchange.xforce.ibmcloud.com/vulnerabilities/62708
Copyright	Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.