Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.55017 |
Kategorie: | Red Hat Local Security Checks |
Titel: | RedHat Security Advisory RHSA-2005:627 |
Zusammenfassung: | NOSUMMARY |
Beschreibung: | Description: The remote host is missing updates announced in advisory RHSA-2005:627. Gaim is an Internet Messaging client. A heap based buffer overflow issue was discovered in the way Gaim processes away messages. A remote attacker could send a specially crafted away message to a Gaim user logged into AIM or ICQ that could result in arbitrary code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2103 to this issue. Daniel Atallah discovered a denial of service issue in Gaim. A remote attacker could attempt to upload a file with a specially crafted name to a user logged into AIM or ICQ, causing Gaim to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2102 to this issue. A denial of service bug was found in Gaim's Gadu Gadu protocol handler. A remote attacker could send a specially crafted message to a Gaim user logged into Gadu Gadu, causing Gaim to crash. Please note that this issue only affects PPC and IBM S/390 systems running Gaim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2370 to this issue. Users of gaim are advised to upgrade to this updated package, which contains backported patches and is not vulnerable to these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-627.html Risk factor : High CVSS Score: 7.5 |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2005-2102 BugTraq ID: 14531 http://www.securityfocus.com/bid/14531 http://www.securityfocus.com/archive/1/426078/100/0/threaded https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9283 http://www.redhat.com/support/errata/RHSA-2005-627.html SuSE Security Announcement: SUSE-SR:2005:019 (Google Search) http://www.novell.com/linux/security/advisories/2005_19_sr.html https://usn.ubuntu.com/168-1/ Common Vulnerability Exposure (CVE) ID: CVE-2005-2103 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11477 http://www.redhat.com/support/errata/RHSA-2005-589.html Common Vulnerability Exposure (CVE) ID: CVE-2005-2370 BugTraq ID: 24600 http://www.securityfocus.com/bid/24600 Bugtraq: 20050721 Multiple vulnerabilities in libgadu and ekg package (Google Search) http://marc.info/?l=bugtraq&m=112198499417250&w=2 Debian Security Information: DSA-1318 (Google Search) http://www.debian.org/security/2007/dsa-1318 Debian Security Information: DSA-813 (Google Search) http://www.debian.org/security/2005/dsa-813 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10456 http://secunia.com/advisories/16265 |
Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |