CentOS Local Security Checks : CentOS Update for finch CESA-2009:1536 centos4 i386

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.880745

Kategorie: CentOS Local Security Checks

Titel: CentOS Update for finch CESA-2009:1536 centos4 i386

Zusammenfassung: The remote host is missing an update for the 'finch'; package(s) announced via the referenced advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'finch'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Pidgin is an instant messaging program which can log in to multiple
accounts on multiple instant messaging networks simultaneously. The AOL
Open System for Communication in Realtime (OSCAR) protocol is used by the
AOL ICQ and AIM instant messaging systems.

An invalid pointer dereference bug was found in the way the Pidgin OSCAR
protocol implementation processed lists of contacts. A remote attacker
could send a specially-crafted contact list to a user running Pidgin,
causing Pidgin to crash. (CVE-2009-3615)

These packages upgrade Pidgin to version 2.6.3. Refer to the linked Pidgin release
notes for a full list of changes.

All Pidgin users should upgrade to these updated packages, which correct
this issue. Pidgin must be restarted for this update to take effect.

Affected Software/OS:
finch on CentOS 4

Solution:
Please install the updated packages.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2009-3615
BugTraq ID: 36719
http://www.securityfocus.com/bid/36719
http://www.mandriva.com/security/advisories?name=MDVSA-2010:085
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18388
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9414
http://secunia.com/advisories/37017
http://secunia.com/advisories/37072
http://www.vupen.com/english/advisories/2009/2949
http://www.vupen.com/english/advisories/2009/2951
http://www.vupen.com/english/advisories/2010/1020
XForce ISS Database: pidgin-oscar-protocol-dos(53807)
https://exchange.xforce.ibmcloud.com/vulnerabilities/53807

Copyright Copyright (c) 2011 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.880745
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for finch CESA-2009:1536 centos4 i386
Zusammenfassung:	The remote host is missing an update for the 'finch'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'finch' package(s) announced via the referenced advisory. Vulnerability Insight: Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. The AOL Open System for Communication in Realtime (OSCAR) protocol is used by the AOL ICQ and AIM instant messaging systems. An invalid pointer dereference bug was found in the way the Pidgin OSCAR protocol implementation processed lists of contacts. A remote attacker could send a specially-crafted contact list to a user running Pidgin, causing Pidgin to crash. (CVE-2009-3615) These packages upgrade Pidgin to version 2.6.3. Refer to the linked Pidgin release notes for a full list of changes. All Pidgin users should upgrade to these updated packages, which correct this issue. Pidgin must be restarted for this update to take effect. Affected Software/OS: finch on CentOS 4 Solution: Please install the updated packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3615 BugTraq ID: 36719 http://www.securityfocus.com/bid/36719 http://www.mandriva.com/security/advisories?name=MDVSA-2010:085 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18388 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9414 http://secunia.com/advisories/37017 http://secunia.com/advisories/37072 http://www.vupen.com/english/advisories/2009/2949 http://www.vupen.com/english/advisories/2009/2951 http://www.vupen.com/english/advisories/2010/1020 XForce ISS Database: pidgin-oscar-protocol-dos(53807) https://exchange.xforce.ibmcloud.com/vulnerabilities/53807
Copyright	Copyright (c) 2011 Greenbone Networks GmbH