CentOS 4 / 5 : pidgin (CESA-2009:1536)

🗓️ 02 Nov 2009 00:00:00Reported by TenableType

Updated pidgin packages for CentOS 4 and 5 fix invalid pointer dereference bug in Pidgin OSCAR protocol implementatio

Reporter	Title	Published	Views	Family All 108
BDU FSTEC	The vulnerability of the Red Hat Enterprise Linux operating system, which allows a remote attacker to compromise the accessibility of protected information	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Red Hat Enterprise Linux operating system, which allows a remote attacker to compromise the accessibility of protected information	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Red Hat Enterprise Linux operating system, which allows a remote attacker to compromise the accessibility of protected information	28 Apr 201500:00	–	bdu_fstec
Tenable Nessus	CentOS 3 : pidgin (CESA-2009:1535)	30 Oct 200900:00	–	nessus
Tenable Nessus	Debian DSA-1932-1 : pidgin - programming error	24 Feb 201000:00	–	nessus
Tenable Nessus	Fedora 11 : pidgin-2.6.3-2.fc11 (2009-10662)	22 Oct 200900:00	–	nessus
Tenable Nessus	Fedora 10 : pidgin-2.6.3-2.fc10 (2009-10702)	22 Oct 200900:00	–	nessus
Tenable Nessus	Mandriva Linux Security Advisory : pidgin (MDVSA-2010:001)	12 Jan 201000:00	–	nessus
Tenable Nessus	Mandriva Linux Security Advisory : pidgin (MDVSA-2010:085)	29 Apr 201000:00	–	nessus
Tenable Nessus	Oracle Linux 3 : pidgin (ELSA-2009-1535)	12 Jul 201300:00	–	nessus

Source	Link
nessus	www.nessus.org/u
nessus	www.nessus.org/u
nessus	www.nessus.org/u
nessus	www.nessus.org/u
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2009:1536 and 
# CentOS Errata and Security Advisory 2009:1536 respectively.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(42330);
  script_version("1.15");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");

  script_cve_id("CVE-2009-3615");
  script_xref(name:"RHSA", value:"2009:1536");

  script_name(english:"CentOS 4 / 5 : pidgin (CESA-2009:1536)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote CentOS host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Updated pidgin packages that fix a security issue are now available
for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the
Red Hat Security Response Team.

Pidgin is an instant messaging program which can log in to multiple
accounts on multiple instant messaging networks simultaneously. The
AOL Open System for Communication in Realtime (OSCAR) protocol is used
by the AOL ICQ and AIM instant messaging systems.

An invalid pointer dereference bug was found in the way the Pidgin
OSCAR protocol implementation processed lists of contacts. A remote
attacker could send a specially crafted contact list to a user running
Pidgin, causing Pidgin to crash. (CVE-2009-3615)

These packages upgrade Pidgin to version 2.6.3. Refer to the Pidgin
release notes for a full list of changes:
http://developer.pidgin.im/wiki/ChangeLog

All Pidgin users should upgrade to these updated packages, which
correct this issue. Pidgin must be restarted for this update to take
effect."
  );
  # https://lists.centos.org/pipermail/centos-announce/2009-October/016266.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?900ada57"
  );
  # https://lists.centos.org/pipermail/centos-announce/2009-October/016267.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?8c7abd35"
  );
  # https://lists.centos.org/pipermail/centos-announce/2009-October/016292.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?eb628ad0"
  );
  # https://lists.centos.org/pipermail/centos-announce/2009-October/016293.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?fba5cb60"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected pidgin packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_cwe_id(399);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:finch");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:finch-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libpurple");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libpurple-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libpurple-perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libpurple-tcl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:pidgin");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:pidgin-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:pidgin-perl");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:4");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5");

  script_set_attribute(attribute:"vuln_publication_date", value:"2009/10/20");
  script_set_attribute(attribute:"patch_publication_date", value:"2009/10/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/11/02");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"CentOS Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/CentOS/release");
if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
os_ver = os_ver[1];
if (! preg(pattern:"^(4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 4.x / 5.x", "CentOS " + os_ver);

if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);


flag = 0;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"finch-2.6.3-2.el4")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"finch-2.6.3-2.el4")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"finch-devel-2.6.3-2.el4")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"finch-devel-2.6.3-2.el4")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libpurple-2.6.3-2.el4")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libpurple-2.6.3-2.el4")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libpurple-devel-2.6.3-2.el4")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libpurple-devel-2.6.3-2.el4")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libpurple-perl-2.6.3-2.el4")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libpurple-perl-2.6.3-2.el4")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"libpurple-tcl-2.6.3-2.el4")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"libpurple-tcl-2.6.3-2.el4")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"pidgin-2.6.3-2.el4")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"pidgin-2.6.3-2.el4")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"pidgin-devel-2.6.3-2.el4")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"pidgin-devel-2.6.3-2.el4")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"i386", reference:"pidgin-perl-2.6.3-2.el4")) flag++;
if (rpm_check(release:"CentOS-4", cpu:"x86_64", reference:"pidgin-perl-2.6.3-2.el4")) flag++;

if (rpm_check(release:"CentOS-5", reference:"finch-2.6.3-2.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"finch-devel-2.6.3-2.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"libpurple-2.6.3-2.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"libpurple-devel-2.6.3-2.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"libpurple-perl-2.6.3-2.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"libpurple-tcl-2.6.3-2.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"pidgin-2.6.3-2.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"pidgin-devel-2.6.3-2.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"pidgin-perl-2.6.3-2.el5")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "finch / finch-devel / libpurple / libpurple-devel / libpurple-perl / etc");
}

04 Jan 2021 00:00Current

5.3Medium risk

Vulners AI Score5.3

CVSS 25

EPSS0.08411

centos 4 centos 5 pidgin security issue aol oscar protocol remote attacker package upgrade pidgin users