ID CVE-2005-2103 Type cve Reporter NVD Modified 2018-10-19T11:32:34
Description
Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n.
{"centos": [{"lastseen": "2018-01-25T19:02:37", "references": ["https://rhn.redhat.com/errata/rh21as-errata.html", "http://www.ict.swin.edu.au/staff/jnewbigin"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "2", "packageVersion": "0.59.9-5.el2", "packageFilename": "gaim-0.59.9-5.el2.i386.rpm", "packageName": "gaim", "arch": "i386", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2005:589-01\n\n\nGaim is an Internet Instant Messaging client.\r\n\r\nA heap based buffer overflow issue was discovered in the way Gaim processes\r\naway messages. A remote attacker could send a specially crafted away\r\nmessage to a Gaim user logged into AIM or ICQ which could result in\r\narbitrary code execution. The Common Vulnerabilities and Exposures project\r\n(cve.mitre.org) has assigned the name CAN-2005-2103 to this issue.\r\n\r\nUsers of gaim are advised to upgrade to this updated package, which\r\ncontains backported patches and is not vulnerable to this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012030.html\n\n**Affected packages:**\ngaim\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 2, "reporter": "CentOS Project", "published": "2005-08-10T04:28:39", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "gaim security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2103"], "modified": "2005-08-10T04:28:39", "href": "http://lists.centos.org/pipermail/centos-announce/2005-August/012030.html", "id": "CESA-2005:589-01", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-10-03T18:25:28", "references": ["http://iki.fi/upi/", "https://rhn.redhat.com/errata/RHSA-2005-627.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "3", "packageVersion": "1.3.1-0.el3.3", "packageFilename": "gaim-1.3.1-0.el3.3.src.rpm", "packageName": "gaim", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "1.3.1-0.el3.3", "packageFilename": "gaim-1.3.1-0.el3.3.src.rpm", "packageName": "gaim", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.3.1-0.el4.3", "packageFilename": "gaim-1.3.1-0.el4.3.ia64.rpm", "packageName": "gaim", "arch": "ia64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "1.3.1-0.el3.3", "packageFilename": "gaim-1.3.1-0.el3.3.s390.rpm", "packageName": "gaim", "arch": "s390", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "1.3.1-0.el3.3", "packageFilename": "gaim-1.3.1-0.el3.3.i386.rpm", "packageName": "gaim", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.3.1-0.el4.3", "packageFilename": "gaim-1.3.1-0.el4.3.i386.rpm", "packageName": "gaim", "arch": "i386", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "1.3.1-0.el3.3", "packageFilename": "gaim-1.3.1-0.el3.3.ia64.rpm", "packageName": "gaim", "arch": "ia64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.3.1-0.el4.3", "packageFilename": "gaim-1.3.1-0.el4.3.s390x.rpm", "packageName": "gaim", "arch": "s390x", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.3.1-0.el4.3", "packageFilename": "gaim-1.3.1-0.el4.3.src.rpm", "packageName": "gaim", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.3.1-0.el4.3", "packageFilename": "gaim-1.3.1-0.el4.3.src.rpm", "packageName": "gaim", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "1.3.1-0.el3.3", "packageFilename": "gaim-1.3.1-0.el3.3.s390x.rpm", "packageName": "gaim", "arch": "s390x", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.3.1-0.el4.3", "packageFilename": "gaim-1.3.1-0.el4.3.s390.rpm", "packageName": "gaim", "arch": "s390", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "4", "packageVersion": "1.3.1-0.el4.3", "packageFilename": "gaim-1.3.1-0.el4.3.x86_64.rpm", "packageName": "gaim", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "3", "packageVersion": "1.3.1-0.el3.3", "packageFilename": "gaim-1.3.1-0.el3.3.x86_64.rpm", "packageName": "gaim", "arch": "x86_64", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2005:627\n\n\nGaim is an Internet Messaging client.\r\n\r\nA heap based buffer overflow issue was discovered in the way Gaim processes\r\naway messages. A remote attacker could send a specially crafted away\r\nmessage to a Gaim user logged into AIM or ICQ that could result in\r\narbitrary code execution. The Common Vulnerabilities and Exposures project\r\n(cve.mitre.org) has assigned the name CAN-2005-2103 to this issue.\r\n\r\nDaniel Atallah discovered a denial of service issue in Gaim. A remote\r\nattacker could attempt to upload a file with a specially crafted name to a\r\nuser logged into AIM or ICQ, causing Gaim to crash. The Common\r\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\r\nCAN-2005-2102 to this issue.\r\n\r\nA denial of service bug was found in Gaim's Gadu Gadu protocol handler. A\r\nremote attacker could send a specially crafted message to a Gaim user\r\nlogged into Gadu Gadu, causing Gaim to crash. Please note that this issue\r\nonly affects PPC and IBM S/390 systems running Gaim. The Common\r\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\r\nCAN-2005-2370 to this issue.\r\n\r\nUsers of gaim are advised to upgrade to this updated package, which\r\ncontains backported patches and is not vulnerable to these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012035.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012036.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012047.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012048.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012049.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012050.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012051.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012052.html\n\n**Affected packages:**\ngaim\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2005-627.html", "edition": 1, "reporter": "CentOS Project", "published": "2005-08-10T08:32:46", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "gaim security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "modified": "2005-08-10T18:22:04", "href": "http://lists.centos.org/pipermail/centos-announce/2005-August/012035.html", "id": "CESA-2005:627", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:15", "references": [], "edition": 1, "description": "## Vulnerability Description\nA remote overflow exists in gaim. The program fails to validate away messages resulting in a buffer overflow. With a specially crafted away message, an attacker can cause arbitrary code execution resulting in a loss of integrity.\n## Solution Description\nUpgrade to version 1.5.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nA remote overflow exists in gaim. The program fails to validate away messages resulting in a buffer overflow. With a specially crafted away message, an attacker can cause arbitrary code execution resulting in a loss of integrity.\n## References:\n[Vendor Specific Advisory URL](http://gaim.sourceforge.net/security/index.php?id=22)\nSecurity Tracker: 1014649\n[Secunia Advisory ID:16384](https://secuniaresearch.flexerasoftware.com/advisories/16384/)\n[Secunia Advisory ID:16437](https://secuniaresearch.flexerasoftware.com/advisories/16437/)\n[Secunia Advisory ID:16387](https://secuniaresearch.flexerasoftware.com/advisories/16387/)\n[Secunia Advisory ID:16423](https://secuniaresearch.flexerasoftware.com/advisories/16423/)\n[Secunia Advisory ID:16436](https://secuniaresearch.flexerasoftware.com/advisories/16436/)\n[Secunia Advisory ID:16442](https://secuniaresearch.flexerasoftware.com/advisories/16442/)\n[Secunia Advisory ID:16483](https://secuniaresearch.flexerasoftware.com/advisories/16483/)\n[Secunia Advisory ID:16637](https://secuniaresearch.flexerasoftware.com/advisories/16637/)\n[Secunia Advisory ID:16379](https://secuniaresearch.flexerasoftware.com/advisories/16379/)\n[Secunia Advisory ID:16535](https://secuniaresearch.flexerasoftware.com/advisories/16535/)\n[Related OSVDB ID: 18668](https://vulners.com/osvdb/OSVDB:18668)\nRedHat RHSA: RHSA-2005:627\nRedHat RHSA: RHSA-2005:589\nPacket Storm: http://packetstormsecurity.org/0508-advisories/glsa-200508-06.txt\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200508-06.xml\nOther Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20050802-01-U.asc\nOther Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.407421\nOther Advisory URL: http://www.ubuntulinux.org/support/documentation/usn/usn-168-1\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2005_19_sr.html\nOther Advisory URL: http://sourceforge.net/tracker/index.php?func=detail&aid=1235427&group_id=235&atid=100235\nOther Advisory URL: http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:139\n[CVE-2005-2103](https://vulners.com/cve/CVE-2005-2103)\n", "reporter": "Brandon Perry()", "published": "2005-08-10T09:38:45", "type": "osvdb", "title": "Gaim Away Message Processing Remote Overflow", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "gaim", "version": "1.4.x", "operator": "eq"}, {"name": "gaim", "version": "1.3.x", "operator": "eq"}, {"name": "gaim", "version": "1.0.x", "operator": "eq"}, {"name": "gaim", "version": "1.2.x", "operator": "eq"}, {"name": "gaim", "version": "1.1.x", "operator": "eq"}], "cvelist": ["CVE-2005-2103"], "modified": "2005-08-10T09:38:45", "href": "https://vulners.com/osvdb/OSVDB:18669", "id": "OSVDB:18669", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2018-11-16T04:59:09", "references": ["https://access.redhat.com/security/cve/cve-2005-2103", "https://access.redhat.com/errata/RHSA-2005:589"], "pluginID": "19422", "description": "An updated gaim package that fixes a buffer overflow security issue is now available.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nGaim is an Internet Instant Messaging client.\n\nA heap based buffer overflow issue was discovered in the way Gaim processes away messages. A remote attacker could send a specially crafted away message to a Gaim user logged into AIM or ICQ which could result in arbitrary code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2103 to this issue.\n\nUsers of gaim are advised to upgrade to this updated package, which contains backported patches and is not vulnerable to this issue.", "edition": 8, "reporter": "Tenable", "published": "2005-08-12T00:00:00", "title": "RHEL 2.1 : gaim (RHSA-2005:589)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2103"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:gaim"], "id": "REDHAT-RHSA-2005-589.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=19422", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:589. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(19422);\n script_version (\"1.21\");\n script_cvs_date(\"Date: 2018/11/15 11:40:30\");\n\n script_cve_id(\"CVE-2005-2103\");\n script_bugtraq_id(14531);\n script_xref(name:\"RHSA\", value:\"2005:589\");\n\n script_name(english:\"RHEL 2.1 : gaim (RHSA-2005:589)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated gaim package that fixes a buffer overflow security issue is\nnow available.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nGaim is an Internet Instant Messaging client.\n\nA heap based buffer overflow issue was discovered in the way Gaim\nprocesses away messages. A remote attacker could send a specially\ncrafted away message to a Gaim user logged into AIM or ICQ which could\nresult in arbitrary code execution. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CVE-2005-2103\nto this issue.\n\nUsers of gaim are advised to upgrade to this updated package, which\ncontains backported patches and is not vulnerable to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-2103\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2005:589\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gaim package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/08/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^2\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i386\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2005:589\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"gaim-0.59.9-5.el2\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gaim\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-13T16:51:47", "references": ["http://www.nessus.org/u?541d7bcd", "http://gaim.sourceforge.net/security/?id=22"], "pluginID": "21447", "description": "The GAIM team reports :\n\nA remote AIM or ICQ user can cause a buffer overflow in Gaim by setting an away message containing many AIM substitution strings (such as %t or %n).", "edition": 5, "reporter": "Tenable", "published": "2006-05-13T00:00:00", "title": "FreeBSD : gaim -- AIM/ICQ away message buffer overflow (6d1761d2-0b23-11da-bc08-0001020eed82)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2103"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:ko-gaim", "p-cpe:/a:freebsd:freebsd:gaim", "cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:ja-gaim", "p-cpe:/a:freebsd:freebsd:ru-gaim"], "id": "FREEBSD_PKG_6D1761D20B2311DABC080001020EED82.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=21447", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21447);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/11/10 11:49:40\");\n\n script_cve_id(\"CVE-2005-2103\");\n\n script_name(english:\"FreeBSD : gaim -- AIM/ICQ away message buffer overflow (6d1761d2-0b23-11da-bc08-0001020eed82)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The GAIM team reports :\n\nA remote AIM or ICQ user can cause a buffer overflow in Gaim by\nsetting an away message containing many AIM substitution strings (such\nas %t or %n).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://gaim.sourceforge.net/security/?id=22\"\n );\n # https://vuxml.freebsd.org/freebsd/6d1761d2-0b23-11da-bc08-0001020eed82.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?541d7bcd\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ja-gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ko-gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ru-gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/05/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gaim<1.4.0_1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ja-gaim<1.4.0_1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ko-gaim<1.4.0_1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ru-gaim<1.4.0_1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:06:29", "references": ["https://security.gentoo.org/glsa/200508-06"], "pluginID": "19439", "description": "The remote host is affected by the vulnerability described in GLSA-200508-06 (Gaim: Remote execution of arbitrary code)\n\n Brandon Perry discovered that Gaim is vulnerable to a heap-based buffer overflow when handling away messages (CAN-2005-2103).\n Furthermore, Daniel Atallah discovered a vulnerability in the handling of file transfers (CAN-2005-2102).\n Impact :\n\n A remote attacker could create a specially crafted away message which, when viewed by the target user, could lead to the execution of arbitrary code. Also, an attacker could send a file with a non-UTF8 filename to a user, which would result in a Denial of Service.\n Workaround :\n\n There is no known workaround at this time.", "edition": 5, "reporter": "Tenable", "published": "2005-08-18T00:00:00", "title": "GLSA-200508-06 : Gaim: Remote execution of arbitrary code", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2103", "CVE-2005-2102"], "modified": "2018-07-11T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:gaim"], "id": "GENTOO_GLSA-200508-06.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=19439", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200508-06.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(19439);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/07/11 17:09:25\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\");\n script_bugtraq_id(14531);\n script_xref(name:\"GLSA\", value:\"200508-06\");\n\n script_name(english:\"GLSA-200508-06 : Gaim: Remote execution of arbitrary code\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200508-06\n(Gaim: Remote execution of arbitrary code)\n\n Brandon Perry discovered that Gaim is vulnerable to a heap-based\n buffer overflow when handling away messages (CAN-2005-2103).\n Furthermore, Daniel Atallah discovered a vulnerability in the handling\n of file transfers (CAN-2005-2102).\n \nImpact :\n\n A remote attacker could create a specially crafted away message\n which, when viewed by the target user, could lead to the execution of\n arbitrary code. Also, an attacker could send a file with a non-UTF8\n filename to a user, which would result in a Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200508-06\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Gaim users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-im/gaim-1.5.0'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/08/18\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/08/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-im/gaim\", unaffected:make_list(\"ge 1.5.0\"), vulnerable:make_list(\"lt 1.5.0\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Gaim\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:36:06", "references": ["http://www.nessus.org/u?f0a4306e"], "pluginID": "19860", "description": "New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1, and -current to fix some security issues. including: AIM/ICQ away message buffer overflow AIM/ICQ non-UTF-8 filename crash Gadu-Gadu memory alignment bug Sites that use GAIM should upgrade to the new version.", "edition": 5, "reporter": "Tenable", "published": "2005-10-05T00:00:00", "title": "Slackware 10.0 / 10.1 / 9.0 / 9.1 / current : gaim (SSA:2005-242-03)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "modified": "2018-08-09T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:9.0", "cpe:/o:slackware:slackware_linux:9.1", "p-cpe:/a:slackware:slackware_linux:gaim", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.0", "cpe:/o:slackware:slackware_linux"], "id": "SLACKWARE_SSA_2005-242-03.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=19860", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2005-242-03. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(19860);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/08/09 17:06:37\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\", \"CVE-2005-2370\");\n script_xref(name:\"SSA\", value:\"2005-242-03\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 9.0 / 9.1 / current : gaim (SSA:2005-242-03)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1,\nand -current to fix some security issues. including: AIM/ICQ away\nmessage buffer overflow AIM/ICQ non-UTF-8 filename crash Gadu-Gadu\nmemory alignment bug Sites that use GAIM should upgrade to the new\nversion.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.407421\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f0a4306e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gaim package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/10/05\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.0\", pkgname:\"gaim\", pkgver:\"1.5.0\", pkgarch:\"i386\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"9.1\", pkgname:\"gaim\", pkgver:\"1.5.0\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"gaim\", pkgver:\"1.5.0\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"gaim\", pkgver:\"1.5.0\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"gaim\", pkgver:\"1.5.0\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:40:50", "references": [], "pluginID": "20574", "description": "Daniel Atallah discovered a Denial of Service vulnerability in the file transfer handler of OSCAR (the module that handles various instant messaging protocols like ICQ). A remote attacker could crash the Gaim client of an user by attempting to send him a file with a name that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer overflow. A remote attacker could exploit this to crash the Gaim client or possibly even execute arbitrary code with the permissions of the Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable code. By sending specially crafted messages over the Gadu protocol, a remote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "reporter": "Tenable", "published": "2006-01-15T00:00:00", "title": "Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "modified": "2018-07-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:gaim-dev", "p-cpe:/a:canonical:ubuntu_linux:gaim-data", "cpe:/o:canonical:ubuntu_linux:5.04", "cpe:/o:canonical:ubuntu_linux:4.10", "p-cpe:/a:canonical:ubuntu_linux:gaim"], "id": "UBUNTU_USN-168-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=20574", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-168-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(20574);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/07/19 23:44:03\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\", \"CVE-2005-2370\");\n script_bugtraq_id(14531);\n script_xref(name:\"USN\", value:\"168-1\");\n\n script_name(english:\"Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Daniel Atallah discovered a Denial of Service vulnerability in the\nfile transfer handler of OSCAR (the module that handles various\ninstant messaging protocols like ICQ). A remote attacker could crash\nthe Gaim client of an user by attempting to send him a file with a\nname that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer\noverflow. A remote attacker could exploit this to crash the Gaim\nclient or possibly even execute arbitrary code with the permissions of\nthe Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory\nalignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable\ncode. By sending specially crafted messages over the Gadu protocol, a\nremote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gaim, gaim-data and / or gaim-dev packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:4.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2005-2018 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(4\\.10|5\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 4.10 / 5.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"4.10\", pkgname:\"gaim\", pkgver:\"1.0.0-1ubuntu1.8\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-data\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-dev\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gaim / gaim-data / gaim-dev\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-11T12:42:21", "references": ["http://www.nessus.org/u?3e4ca783", "http://www.nessus.org/u?6c1479ab", "http://www.nessus.org/u?2fd32204", "http://www.nessus.org/u?c4e9f139", "http://www.nessus.org/u?72e67002", "http://www.nessus.org/u?bde62fab"], "pluginID": "21846", "description": "An updated gaim package that fixes multiple security issues is now available.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nGaim is an Internet Messaging client.\n\nA heap based buffer overflow issue was discovered in the way Gaim processes away messages. A remote attacker could send a specially crafted away message to a Gaim user logged into AIM or ICQ that could result in arbitrary code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2103 to this issue.\n\nDaniel Atallah discovered a denial of service issue in Gaim. A remote attacker could attempt to upload a file with a specially crafted name to a user logged into AIM or ICQ, causing Gaim to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2102 to this issue.\n\nA denial of service bug was found in Gaim's Gadu Gadu protocol handler. A remote attacker could send a specially crafted message to a Gaim user logged into Gadu Gadu, causing Gaim to crash. Please note that this issue only affects PPC and IBM S/390 systems running Gaim.\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2370 to this issue.\n\nUsers of gaim are advised to upgrade to this updated package, which contains backported patches and is not vulnerable to these issues.", "edition": 7, "reporter": "Tenable", "published": "2006-07-03T00:00:00", "title": "CentOS 3 / 4 : gaim (CESA-2005:627)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:gaim", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2005-627.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=21846", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:627 and \n# CentOS Errata and Security Advisory 2005:627 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21846);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/11/10 11:49:27\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\", \"CVE-2005-2370\");\n script_bugtraq_id(14531);\n script_xref(name:\"RHSA\", value:\"2005:627\");\n\n script_name(english:\"CentOS 3 / 4 : gaim (CESA-2005:627)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated gaim package that fixes multiple security issues is now\navailable.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nGaim is an Internet Messaging client.\n\nA heap based buffer overflow issue was discovered in the way Gaim\nprocesses away messages. A remote attacker could send a specially\ncrafted away message to a Gaim user logged into AIM or ICQ that could\nresult in arbitrary code execution. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CVE-2005-2103\nto this issue.\n\nDaniel Atallah discovered a denial of service issue in Gaim. A remote\nattacker could attempt to upload a file with a specially crafted name\nto a user logged into AIM or ICQ, causing Gaim to crash. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the\nname CVE-2005-2102 to this issue.\n\nA denial of service bug was found in Gaim's Gadu Gadu protocol\nhandler. A remote attacker could send a specially crafted message to a\nGaim user logged into Gadu Gadu, causing Gaim to crash. Please note\nthat this issue only affects PPC and IBM S/390 systems running Gaim.\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2005-2370 to this issue.\n\nUsers of gaim are advised to upgrade to this updated package, which\ncontains backported patches and is not vulnerable to these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-August/012035.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bde62fab\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-August/012036.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c4e9f139\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-August/012047.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2fd32204\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-August/012048.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6c1479ab\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-August/012049.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3e4ca783\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-August/012050.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?72e67002\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gaim package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/07/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"gaim-1.3.1-0.el3.3\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", reference:\"gaim-1.3.1-0.el4.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-16T05:14:29", "references": ["https://access.redhat.com/security/cve/cve-2005-2370", "https://access.redhat.com/security/cve/cve-2005-2103", "https://access.redhat.com/security/cve/cve-2005-2102", "https://access.redhat.com/errata/RHSA-2005:627"], "pluginID": "19423", "description": "An updated gaim package that fixes multiple security issues is now available.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nGaim is an Internet Messaging client.\n\nA heap based buffer overflow issue was discovered in the way Gaim processes away messages. A remote attacker could send a specially crafted away message to a Gaim user logged into AIM or ICQ that could result in arbitrary code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2103 to this issue.\n\nDaniel Atallah discovered a denial of service issue in Gaim. A remote attacker could attempt to upload a file with a specially crafted name to a user logged into AIM or ICQ, causing Gaim to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2102 to this issue.\n\nA denial of service bug was found in Gaim's Gadu Gadu protocol handler. A remote attacker could send a specially crafted message to a Gaim user logged into Gadu Gadu, causing Gaim to crash. Please note that this issue only affects PPC and IBM S/390 systems running Gaim.\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2370 to this issue.\n\nUsers of gaim are advised to upgrade to this updated package, which contains backported patches and is not vulnerable to these issues.", "edition": 8, "reporter": "Tenable", "published": "2005-08-12T00:00:00", "title": "RHEL 3 / 4 : gaim (RHSA-2005:627)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:gaim"], "id": "REDHAT-RHSA-2005-627.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=19423", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:627. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(19423);\n script_version (\"1.21\");\n script_cvs_date(\"Date: 2018/11/15 11:40:30\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\", \"CVE-2005-2370\");\n script_bugtraq_id(14531);\n script_xref(name:\"RHSA\", value:\"2005:627\");\n\n script_name(english:\"RHEL 3 / 4 : gaim (RHSA-2005:627)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated gaim package that fixes multiple security issues is now\navailable.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nGaim is an Internet Messaging client.\n\nA heap based buffer overflow issue was discovered in the way Gaim\nprocesses away messages. A remote attacker could send a specially\ncrafted away message to a Gaim user logged into AIM or ICQ that could\nresult in arbitrary code execution. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CVE-2005-2103\nto this issue.\n\nDaniel Atallah discovered a denial of service issue in Gaim. A remote\nattacker could attempt to upload a file with a specially crafted name\nto a user logged into AIM or ICQ, causing Gaim to crash. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the\nname CVE-2005-2102 to this issue.\n\nA denial of service bug was found in Gaim's Gadu Gadu protocol\nhandler. A remote attacker could send a specially crafted message to a\nGaim user logged into Gadu Gadu, causing Gaim to crash. Please note\nthat this issue only affects PPC and IBM S/390 systems running Gaim.\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2005-2370 to this issue.\n\nUsers of gaim are advised to upgrade to this updated package, which\ncontains backported patches and is not vulnerable to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-2102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-2103\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-2370\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2005:627\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gaim package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/08/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2005:627\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"gaim-1.3.1-0.el3.3\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"gaim-1.3.1-0.el4.3\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gaim\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:55:47", "references": [], "pluginID": "19896", "description": "Yet more vulnerabilities have been discovered in the gaim IM client.\nInvalid characters in a sent file can cause Gaim to crash on some systems (CVE-2005-2102); a remote AIM or ICQ user can cause a buffer overflow in Gaim by setting an away message containing many AIM substitution strings (CVE-2005-2103); a memory alignment bug in the library used by Gaim to access the Gadu-Gadu network can result in a buffer overflow on non-x86 architecture systems (CVE-2005-2370).\n\nThese problems have been corrected in gaim 1.5.0 which is provided with this update.", "edition": 5, "reporter": "Tenable", "published": "2005-10-05T00:00:00", "title": "Mandrake Linux Security Advisory : gaim (MDKSA-2005:139)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "modified": "2018-07-19T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:gaim-silc", "p-cpe:/a:mandriva:linux:gaim-tcl", "p-cpe:/a:mandriva:linux:lib64gaim-remote0-devel", "cpe:/o:mandrakesoft:mandrake_linux:10.1", "p-cpe:/a:mandriva:linux:gaim", "p-cpe:/a:mandriva:linux:lib64gaim-remote0", "p-cpe:/a:mandriva:linux:libgaim-remote0-devel", "p-cpe:/a:mandriva:linux:libgaim-remote0", "p-cpe:/a:mandriva:linux:gaim-perl", "x-cpe:/o:mandrakesoft:mandrake_linux:le2005", "p-cpe:/a:mandriva:linux:gaim-gevolution", "p-cpe:/a:mandriva:linux:gaim-devel"], "id": "MANDRAKE_MDKSA-2005-139.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=19896", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2005:139. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(19896);\n script_version (\"1.16\");\n script_cvs_date(\"Date: 2018/07/19 20:59:13\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\", \"CVE-2005-2370\");\n script_xref(name:\"MDKSA\", value:\"2005:139\");\n\n script_name(english:\"Mandrake Linux Security Advisory : gaim (MDKSA-2005:139)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Yet more vulnerabilities have been discovered in the gaim IM client.\nInvalid characters in a sent file can cause Gaim to crash on some\nsystems (CVE-2005-2102); a remote AIM or ICQ user can cause a buffer\noverflow in Gaim by setting an away message containing many AIM\nsubstitution strings (CVE-2005-2103); a memory alignment bug in the\nlibrary used by Gaim to access the Gadu-Gadu network can result in a\nbuffer overflow on non-x86 architecture systems (CVE-2005-2370).\n\nThese problems have been corrected in gaim 1.5.0 which is provided\nwith this update.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gaim-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gaim-gevolution\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gaim-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gaim-silc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gaim-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gaim-remote0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gaim-remote0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgaim-remote0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgaim-remote0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:mandrakesoft:mandrake_linux:le2005\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/10/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.1\", reference:\"gaim-1.5.0-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"gaim-devel-1.5.0-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"gaim-gevolution-1.5.0-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"gaim-perl-1.5.0-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"gaim-tcl-1.5.0-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64gaim-remote0-1.5.0-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64gaim-remote0-devel-1.5.0-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libgaim-remote0-1.5.0-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libgaim-remote0-devel-1.5.0-0.1.101mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.2\", reference:\"gaim-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"gaim-devel-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"gaim-gevolution-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"gaim-perl-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"gaim-silc-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"gaim-tcl-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"x86_64\", reference:\"lib64gaim-remote0-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"x86_64\", reference:\"lib64gaim-remote0-devel-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"i386\", reference:\"libgaim-remote0-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"i386\", reference:\"libgaim-remote0-devel-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2018-08-31T01:15:55", "references": ["http://gaim.sourceforge.net/security/?id=22"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.4.0_1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "gaim", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.4.0_1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "ja-gaim", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.4.0_1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "ru-gaim", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "1.4.0_1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "ko-gaim", "operator": "lt"}], "description": "\nThe GAIM team reports:\n\nA remote AIM or ICQ user can cause a buffer overflow in\n\t Gaim by setting an away message containing many AIM\n\t substitution strings (such as %t or %n).\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2005-08-09T00:00:00", "title": "gaim -- AIM/ICQ away message buffer overflow", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2005-2103"], "modified": "2005-08-09T00:00:00", "id": "6D1761D2-0B23-11DA-BC08-0001020EED82", "href": "https://vuxml.freebsd.org/freebsd/6d1761d2-0b23-11da-bc08-0001020eed82.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-02T21:10:27", "references": [], "pluginID": "55045", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "edition": 1, "reporter": "Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com", "published": "2008-09-04T00:00:00", "title": "FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2103"], "modified": "2016-09-19T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=55045", "id": "OPENVAS:55045", "sourceData": "#\n#VID 6d1761d2-0b23-11da-bc08-0001020eed82\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n gaim\n ja-gaim\n ko-gaim\n ru-gaim\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://gaim.sourceforge.net/security/?id=22\nhttp://www.vuxml.org/freebsd/6d1761d2-0b23-11da-bc08-0001020eed82.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(55045);\n script_version(\"$Revision: 4112 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-19 15:17:59 +0200 (Mon, 19 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_bugtraq_id(14531);\n script_cve_id(\"CVE-2005-2103\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"gaim\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.0_1\")<0) {\n txt += 'Package gaim version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ja-gaim\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.0_1\")<0) {\n txt += 'Package ja-gaim version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ko-gaim\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.0_1\")<0) {\n txt += 'Package ko-gaim version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ru-gaim\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.0_1\")<0) {\n txt += 'Package ru-gaim version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:24", "references": [], "pluginID": "55060", "description": "The remote host is missing updates announced in\nadvisory GLSA 200508-06.", "edition": 2, "reporter": "Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com", "published": "2008-09-24T00:00:00", "title": "Gentoo Security Advisory GLSA 200508-06 (Gaim)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2103", "CVE-2005-2102"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=55060", "id": "OPENVAS:55060", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Gaim is vulnerable to a buffer overflow which could lead to the execution\nof arbitrary code or to a Denial of Service.\";\ntag_solution = \"All Gaim users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-im/gaim-1.5.0'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200508-06\nhttp://bugs.gentoo.org/show_bug.cgi?id=102000\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200508-06.\";\n\n \n\nif(description)\n{\n script_id(55060);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200508-06 (Gaim)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-im/gaim\", unaffected: make_list(\"ge 1.5.0\"), vulnerable: make_list(\"lt 1.5.0\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:32", "references": [], "pluginID": "55187", "description": "The remote host is missing an update as announced\nvia advisory SSA:2005-242-03.", "edition": 2, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-09-11T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Slackware Advisory SSA:2005-242-03 gaim", "type": "openvas", "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=55187", "id": "OPENVAS:55187", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2005_242_03.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1,\nand -current to fix some security issues. including:\n\nAIM/ICQ away message buffer overflow\nAIM/ICQ non-UTF-8 filename crash\nGadu-Gadu memory alignment bug\n\nSites that use GAIM should upgrade to the new version.\n\nMore details about these issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2005-242-03.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2005-242-03\";\n \nif(description)\n{\n script_id(55187);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2005-2103\", \"CVE-2005-2102\", \"CVE-2005-2370\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2005-242-03 gaim \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"gaim\", ver:\"1.5.0-i386-1\", rls:\"SLK9.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"gaim\", ver:\"1.5.0-i486-1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"gaim\", ver:\"1.5.0-i486-1\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"gaim\", ver:\"1.5.0-i486-1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:58:54", "references": [], "pluginID": "136141256231055187", "description": "The remote host is missing an update as announced\nvia advisory SSA:2005-242-03.", "edition": 3, "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "published": "2012-09-11T00:00:00", "title": "Slackware Advisory SSA:2005-242-03 gaim", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Slackware Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231055187", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231055187", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2005_242_03.nasl 9352 2018-04-06 07:13:02Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1,\nand -current to fix some security issues. including:\n\nAIM/ICQ away message buffer overflow\nAIM/ICQ non-UTF-8 filename crash\nGadu-Gadu memory alignment bug\n\nSites that use GAIM should upgrade to the new version.\n\nMore details about these issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2005-242-03.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2005-242-03\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.55187\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:13:02 +0200 (Fri, 06 Apr 2018) $\");\n script_cve_id(\"CVE-2005-2103\", \"CVE-2005-2102\", \"CVE-2005-2370\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 9352 $\");\n name = \"Slackware Advisory SSA:2005-242-03 gaim \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"gaim\", ver:\"1.5.0-i386-1\", rls:\"SLK9.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"gaim\", ver:\"1.5.0-i486-1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"gaim\", ver:\"1.5.0-i486-1\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"gaim\", ver:\"1.5.0-i486-1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-12-11T17:42:59", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "2", "packageVersion": "0.59.9-5.el2", "arch": "i386", "packageName": "gaim", "packageFilename": "gaim-0.59.9-5.el2.i386.rpm", "operator": "lt"}], "description": "Gaim is an Internet Instant Messaging client.\r\n\r\nA heap based buffer overflow issue was discovered in the way Gaim processes\r\naway messages. A remote attacker could send a specially crafted away\r\nmessage to a Gaim user logged into AIM or ICQ which could result in\r\narbitrary code execution. The Common Vulnerabilities and Exposures project\r\n(cve.mitre.org) has assigned the name CAN-2005-2103 to this issue.\r\n\r\nUsers of gaim are advised to upgrade to this updated package, which\r\ncontains backported patches and is not vulnerable to this issue.", "reporter": "RedHat", "published": "2005-08-09T04:00:00", "type": "redhat", "title": "(RHSA-2005:589) gaim security update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2005-2103"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-03-14T19:26:43", "id": "RHSA-2005:589", "href": "https://access.redhat.com/errata/RHSA-2005:589", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-12-11T17:41:53", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "4", "packageVersion": "1.3.1-0.el4.3", "arch": "i386", "packageName": "gaim", "packageFilename": "gaim-1.3.1-0.el4.3.i386.rpm", "operator": "lt"}], "description": "Gaim is an Internet Messaging client.\r\n\r\nA heap based buffer overflow issue was discovered in the way Gaim processes\r\naway messages. A remote attacker could send a specially crafted away\r\nmessage to a Gaim user logged into AIM or ICQ that could result in\r\narbitrary code execution. The Common Vulnerabilities and Exposures project\r\n(cve.mitre.org) has assigned the name CAN-2005-2103 to this issue.\r\n\r\nDaniel Atallah discovered a denial of service issue in Gaim. A remote\r\nattacker could attempt to upload a file with a specially crafted name to a\r\nuser logged into AIM or ICQ, causing Gaim to crash. The Common\r\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\r\nCAN-2005-2102 to this issue.\r\n\r\nA denial of service bug was found in Gaim's Gadu Gadu protocol handler. A\r\nremote attacker could send a specially crafted message to a Gaim user\r\nlogged into Gadu Gadu, causing Gaim to crash. Please note that this issue\r\nonly affects PPC and IBM S/390 systems running Gaim. The Common\r\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\r\nCAN-2005-2370 to this issue.\r\n\r\nUsers of gaim are advised to upgrade to this updated package, which\r\ncontains backported patches and is not vulnerable to these issues.", "reporter": "RedHat", "published": "2005-08-09T04:00:00", "type": "redhat", "title": "(RHSA-2005:627) gaim security update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2005-2102", "CVE-2005-2103", "CVE-2005-2370"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T11:58:31", "id": "RHSA-2005:627", "href": "https://access.redhat.com/errata/RHSA-2005:627", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:17", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103", "https://bugs.gentoo.org/show_bug.cgi?id=102000", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "1.5.0", "packageName": "net-im/gaim", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nGaim is a full featured instant messaging client which handles a variety of instant messaging protocols. \n\n### Description\n\nBrandon Perry discovered that Gaim is vulnerable to a heap-based buffer overflow when handling away messages (CAN-2005-2103). Furthermore, Daniel Atallah discovered a vulnerability in the handling of file transfers (CAN-2005-2102). \n\n### Impact\n\nA remote attacker could create a specially crafted away message which, when viewed by the target user, could lead to the execution of arbitrary code. Also, an attacker could send a file with a non-UTF8 filename to a user, which would result in a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Gaim users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-im/gaim-1.5.0\"", "edition": 1, "reporter": "Gentoo Foundation", "published": "2005-08-15T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "gentoo", "title": "Gaim: Remote execution of arbitrary code", "bulletinFamily": "unix", "cvelist": ["CVE-2005-2103", "CVE-2005-2102"], "modified": "2005-08-15T00:00:00", "id": "GLSA-200508-06", "href": "https://security.gentoo.org/glsa/200508-06", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "slackware": [{"lastseen": "2018-08-31T02:36:52", "references": [], "affectedPackage": [{"OS": "Slackware", "OSVersion": "9.0", "packageVersion": "1.5.0", "arch": "i386", "packageFilename": "gaim-1.5.0-i386-1.tgz", "packageName": "gaim", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "10.0", "packageVersion": "1.5.0", "arch": "i486", "packageFilename": "gaim-1.5.0-i486-1.tgz", "packageName": "gaim", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "10.1", "packageVersion": "1.5.0", "arch": "i486", "packageFilename": "gaim-1.5.0-i486-1.tgz", "packageName": "gaim", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "9.1", "packageVersion": "1.5.0", "arch": "i486", "packageFilename": "gaim-1.5.0-i486-1.tgz", "packageName": "gaim", "operator": "lt"}], "description": "New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1,\nand -current to fix some security issues. including:\n\n AIM/ICQ away message buffer overflow\n AIM/ICQ non-UTF-8 filename crash\n Gadu-Gadu memory alignment bug\n\nSites that use GAIM should upgrade to the new version.\n\nMore details about these issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370\n\n\nHere are the details from the Slackware 10.1 ChangeLog:\n\npatches/packages/gaim-1.5.0-i486-1.tgz: Upgraded to gaim-1.5.0.\n This fixes some more security issues.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370\n (* Security fix *)\n\nWhere to find the new packages:\n\nUpdated package for Slackware 9.0:\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/gaim-1.5.0-i386-1.tgz\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/gaim-1.5.0-i486-1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/gaim-1.5.0-i486-1.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/gaim-1.5.0-i486-1.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/gaim-1.5.0-i486-1.tgz\n\n\nMD5 signatures:\n\nSlackware 9.0 package:\n676bad766cfddb50c7453554d66b1748 gaim-1.5.0-i386-1.tgz\n\nSlackware 9.1 package:\nd2cc0baba627ba9dbf3f218bdeacc630 gaim-1.5.0-i486-1.tgz\n\nSlackware 10.0 package:\n98d55471ed0a2f9def7fcded90860839 gaim-1.5.0-i486-1.tgz\n\nSlackware 10.1 package:\nbc6891f4acb22530c472218f5d9493fb gaim-1.5.0-i486-1.tgz\n\nSlackware -current package:\nb9a55d4359183b81e1150bea6e13b61e gaim-1.5.0-i486-1.tgz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg gaim-1.5.0-i486-1.tgz", "edition": 3, "reporter": "Slackware Linux Project", "published": "2005-08-30T15:54:29", "title": "gaim", "type": "slackware", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "modified": "2005-08-30T15:54:29", "id": "SSA-2005-242-03", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.407421", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T00:36:58", "references": [], "affectedPackage": [], "description": "This advisory summarizes recent security fixes in Slackware -current.\n\nUsually security advisories are not issued on problems that exist only\nwithin the test version of Slackware (slackware-current), but since it's\nso close to being released as Slackware 10.2, and since there have been\nseveral -cuurent-only issues recently, it has been decided that it would\nbe a good idea to release a summary of all of the security fixes in\nSlackware -current for the last 2 weeks. Some of these are -current only,\nand some affect other versions of Slackware (and advisories for these\nhave already been issued).\n\n\nHere are the details from the Slackware -current ChangeLog:\n\nap/groff-1.19.1-i486-3.tgz: Fixed a /tmp bug in groffer. Groffer is a\n script to display formatted output on the console or X, and is not normally\n used in other scripts (for printers, etc) like most groff components are.\n The risk from this bug is probably quite low. The fix was pulled from the\n just-released groff-1.19.2. With Slackware 10.2 just around the corner it\n didn't seem prudent to upgrade to that -- the diff from 1.19.1 to 1.19.2\n is over a megabyte compressed.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0969\n (* Security fix *)\n\nkde/kdebase-3.4.2-i486-2.tgz: Patched a bug in Konqueror's handling of\n characters such as '*', '[', and '?'.\n Generated new kdm config files.\n Added /opt/kde/man to $MANPATH.\n Patched a security bug in kcheckpass that could allow a local user to\n gain root privileges.\n For more information, see:\n http://www.kde.org/info/security/advisory-20050905-1.txt\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2494\n (* Security fix *)\n\nn/mod_ssl-2.8.24_1.3.33-i486-1.tgz: Upgraded to mod_ssl-2.8.24-1.3.33.\n From the CHANGES file:\n Fix a security issue (CAN-2005-2700) where "SSLVerifyClient require" was\n not enforced in per-location context if "SSLVerifyClient optional" was\n configured in the global virtual host configuration.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700\n (* Security fix *)\n\nn/openssh-4.2p1-i486-1.tgz: Upgraded to openssh-4.2p1.\n From the OpenSSH 4.2 release announcement:\n SECURITY: Fix a bug introduced in OpenSSH 4.0 that caused\n GatewayPorts to be incorrectly activated for dynamic ("-D") port\n forwardings when no listen address was explicitly specified.\n (* Security fix *)\n\nkde/kdeedu-3.4.2-i486-2.tgz: Fixed a minor /tmp bug in kvoctrain.\n (* Security fix *)\n\nn/php-4.4.0-i486-3.tgz: Relinked with the system PCRE library, as the builtin\n library has a buffer overflow that could be triggered by the processing of a\n specially crafted regular expression.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491\n (* Security fix *)\n Upgraded PEAR::XMLRPC to version 1.4.0, which eliminates the use of the\n insecure eval() function.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2498\n (* Security fix *)\n\nxap/gaim-1.5.0-i486-1.tgz: Upgraded to gaim-1.5.0.\n This fixes some more security issues.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370\n (* Security fix *)\n\ntesting/packages/php-5.0.4/php-5.0.4-i486-3.tgz: Relinked with the\n system PCRE library, as the builtin library has a buffer overflow\n that could be triggered by the processing of a specially crafted\n regular expression.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491\n (* Security fix *)\n Upgraded PEAR::XMLRPC to version 1.4.0, which eliminates the use of the\n insecure eval() function.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2498\n (* Security fix *)\n Recompiled with support for mbstring, cURL, and XSLT.\n Thanks to Den (aka Diesel) for suggesting XSLT.\n\nWhere to find the new packages:\n\nAdd of these packages are available in the slackware-current directory\non ftp.slackware.com:\n\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/groff-1.19.1-i486-3.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/kde/kdebase-3.4.2-i486-2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/mod_ssl-2.8.24_1.3.33-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssh-4.2p1-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/kde/kdeedu-3.4.2-i486-2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-4.4.0-i486-3.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/gaim-1.5.0-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/testing/packages/php-5.0.4/php-5.0.4-i486-3.tgz\n\nA .asc file is provided next to each package. This can be used along\nwith 'gpg --verify' to verify the integrity of the packages.", "edition": 3, "reporter": "Slackware Linux Project", "published": "2005-09-08T15:55:02", "title": "slackware-current security updates", "type": "slackware", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2005-2700", "CVE-2005-2498", "CVE-2005-2494", "CVE-2005-2370", "CVE-2005-2103", "CVE-2004-0969", "CVE-2005-2491", "CVE-2005-2102"], "modified": "2005-09-08T15:55:02", "id": "SSA-2005-251-03", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.651553", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:09:59", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2005-2102", "https://people.canonical.com/~ubuntu-security/cve/CVE-2005-2103", "https://people.canonical.com/~ubuntu-security/cve/CVE-2005-2370"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "5.04", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "gaim", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "4.10", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "gaim", "operator": "lt"}], "description": "Daniel Atallah discovered a Denial of Service vulnerability in the file transfer handler of OSCAR (the module that handles various instant messaging protocols like ICQ). A remote attacker could crash the Gaim client of an user by attempting to send him a file with a name that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted \u201caway\u201d messages triggered a buffer overflow. A remote attacker could exploit this to crash the Gaim client or possibly even execute arbitrary code with the permissions of the Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Micha\u0106\u0082 Bartoszkiewicz discovered a memory alignment error in the Gadu library, which was fixed in USN-162-1. However, it was discovered that Gaim contains a copy of the vulnerable code. By sending specially crafted messages over the Gadu protocol, a remote attacker could crash Gaim. (CAN-2005-2370)", "edition": 3, "reporter": "Ubuntu", "published": "2005-08-12T00:00:00", "title": "Gaim vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "modified": "2005-08-12T00:00:00", "id": "USN-168-1", "href": "https://usn.ubuntu.com/168-1/", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
