
Test ID: 1.3.6.1.4.1.25623.1.0.802331
Category: Denial of Service
Title: Pidgin Libpurple Protocol Plugins Denial of Service Vulnerabilities (Windows)
Summary: This host is installed with Pidgin and is prone to denial of service vulnerabilities.
Description:
Summary:
This host is installed with Pidgin and is prone to denial of
service vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- An error in the IRC protocol plugin in libpurple when handling WHO
responses with special characters in the nicknames.

- An error in the MSN protocol plugin when handling HTTP 100 responses.

- Improper handling of file:// URIs, which allows a file to be executed when
the user clicks on a file:// URI in a received IM.

Vulnerability Impact:
Successful exploitation allows remote attackers to execute arbitrary code,
obtain sensitive information or cause a denial of service.

Affected Software/OS:
Pidgin versions prior to 2.10.0

Solution:
Upgrade to Pidgin version 2.10.0 or later.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross Reference: BugTraq ID: 49268
Common Vulnerability Exposure (CVE) ID: CVE-2011-2943
http://www.securityfocus.com/bid/49268
http://www.openwall.com/lists/oss-security/2011/08/20/2
http://www.openwall.com/lists/oss-security/2011/08/22/2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18005
http://securitytracker.com/id?1025961
http://secunia.com/advisories/45663
http://secunia.com/advisories/45916
XForce ISS Database: pidgin-irc-protocol-dos(69340)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69340
Common Vulnerability Exposure (CVE) ID: CVE-2011-3184
http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064943.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065190.html
http://www.openwall.com/lists/oss-security/2011/08/22/10
http://www.openwall.com/lists/oss-security/2011/08/22/12
http://www.openwall.com/lists/oss-security/2011/08/22/4
http://www.openwall.com/lists/oss-security/2011/08/22/7
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18284
XForce ISS Database: pidgin-msn-protocol-dos(69341)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69341
Common Vulnerability Exposure (CVE) ID: CVE-2011-3185
Bugtraq: 20110822 Insomnia : ISVA-110822.1 - Pidgin IM Insecure URL Handling Remote Code Execution (Google Search)
http://www.securityfocus.com/archive/1/519391/100/0/threaded
http://www.insomniasec.com/advisories/ISVA-110822.1.htm
http://www.openwall.com/lists/oss-security/2011/08/22/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18324
XForce ISS Database: pidgin-uri-code-execution(69342)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69342
Copyright: Copyright (C) 2011 Greenbone Networks GmbH

© 1998-2024 E-Soft Inc. All rights reserved.