Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.703055 |
Categoría: | Debian Local Security Checks |
Título: | Debian Security Advisory DSA 3055-1 (pidgin - security update) |
Resumen: | Multiple vulnerabilities have been discovered in Pidgin, a multi-protocol;instant messaging client:;;CVE-2014-3694;It was discovered that the SSL/TLS plugins failed to validate the;basic constraints extension in intermediate CA certificates.;;CVE-2014-3695;Yves Younan and Richard Johnson discovered that emotictons with;overly large length values could crash Pidgin.;;CVE-2014-3696;Yves Younan and Richard Johnson discovered that malformed Groupwise;messages could crash Pidgin.;;CVE-2014-3698;Thijs Alkemade and Paul Aurich discovered that malformed XMPP;messages could result in memory disclosure. |
Descripción: | Summary: Multiple vulnerabilities have been discovered in Pidgin, a multi-protocol instant messaging client: CVE-2014-3694 It was discovered that the SSL/TLS plugins failed to validate the basic constraints extension in intermediate CA certificates. CVE-2014-3695 Yves Younan and Richard Johnson discovered that emotictons with overly large length values could crash Pidgin. CVE-2014-3696 Yves Younan and Richard Johnson discovered that malformed Groupwise messages could crash Pidgin. CVE-2014-3698 Thijs Alkemade and Paul Aurich discovered that malformed XMPP messages could result in memory disclosure. Affected Software/OS: pidgin on Debian Linux Solution: For the stable distribution (wheezy), these problems have been fixed in version 2.10.10-1~ deb7u1. For the unstable distribution (sid), these problems have been fixed in version 2.10.10-1. We recommend that you upgrade your pidgin packages. CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2014-3694 Debian Security Information: DSA-3055 (Google Search) http://www.debian.org/security/2014/dsa-3055 RedHat Security Advisories: RHSA-2017:1854 https://access.redhat.com/errata/RHSA-2017:1854 http://secunia.com/advisories/60741 http://secunia.com/advisories/61968 SuSE Security Announcement: openSUSE-SU-2014:1376 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-11/msg00023.html SuSE Security Announcement: openSUSE-SU-2014:1397 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-11/msg00037.html http://www.ubuntu.com/usn/USN-2390-1 Common Vulnerability Exposure (CVE) ID: CVE-2014-3695 Common Vulnerability Exposure (CVE) ID: CVE-2014-3696 Common Vulnerability Exposure (CVE) ID: CVE-2014-3698 |
Copyright | Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |