Scientific Linux Security Update : pidgin on SL4.x, SL5.x i386/x86_64
2012-08-01T00:00:00
ID SL_20090702_PIDGIN_ON_SL4_X.NASL Type nessus Reporter This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2012-08-01T00:00:00
Description
A denial of service flaw was found in the Pidgin OSCAR protocol
implementation. If a remote ICQ user sent a web message to a local
Pidgin user using this protocol, it would cause excessive memory
usage, leading to a denial of service (Pidgin crash). (CVE-2009-1889)
These updated packages also fix the following bug:
the Yahoo! Messenger Protocol changed, making it
incompatible (and unusable) with Pidgin versions prior
to 2.5.7. This update provides Pidgin 2.5.8, which
implements version 16 of the Yahoo! Messenger Protocol,
which resolves this issue.
Note: These packages upgrade Pidgin to version 2.5.8.
Pidgin must be restarted for this update to take effect.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
  # Plugin identity and revision.
  script_id(60612);
  script_version("1.8");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  # Vulnerability this check covers.
  script_cve_id("CVE-2009-1889");

  script_name(english:"Scientific Linux Security Update : pidgin on SL4.x, SL5.x i386/x86_64");
  script_summary(english:"Checks rpm output for the updated packages");

  # Report text: one-line synopsis, then the advisory description.
  script_set_attribute(attribute:"synopsis", value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(attribute:"description", value:
"A denial of service flaw was found in the Pidgin OSCAR protocol
implementation. If a remote ICQ user sent a web message to a local
Pidgin user using this protocol, it would cause excessive memory
usage, leading to a denial of service (Pidgin crash). (CVE-2009-1889)
These updated packages also fix the following bug :
- the Yahoo! Messenger Protocol changed, making it
incompatible (and unusable) with Pidgin versions prior
to 2.5.7. This update provides Pidgin 2.5.8, which
implements version 16 of the Yahoo! Messenger Protocol,
which resolves this issue.
Note: These packages upgrade Pidgin to version 2.5.8.
Pidgin must be restarted for this update to take effect."
  );

  # Shortened link to the Scientific Linux errata announcement:
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0907&L=scientific-linux-errata&T=0&P=322
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5b397c48");
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");

  # Severity and exploitability metadata.
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_cwe_id(399);

  # Plugin classification and target platform.
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  # Timeline.
  script_set_attribute(attribute:"vuln_publication_date", value:"2009/07/01");
  script_set_attribute(attribute:"patch_publication_date", value:"2009/07/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  # Needs the SSH-gathered host facts before the package check can run.
  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
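# Preconditions: credentialed local checks, a Scientific Linux release
# string and an rpm inventory must all be present in the KB.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

# Only x86_64 and i386-class hosts are covered by this advisory.
# The substring test asks whether "x86_64" is absent from the reported
# arch ("x86_64" >!< cpu), the same form the release check above and the
# sibling Fedora plugins use. With the operands the other way round
# (cpu >!< "x86_64") an empty or truncated arch string would pass the
# guard, and a value carrying any extra character would be rejected.
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);

# Packages shipped by the advisory; all are fixed at the same
# version-release, built for SL4 (.el4) and SL5 (.el5).
pidgin_pkgs = make_list(
  "finch", "finch-devel",
  "libpurple", "libpurple-devel", "libpurple-perl", "libpurple-tcl",
  "pidgin", "pidgin-devel", "pidgin-perl"
);
fixed_ver = "2.5.8-1";

# Check every package for each release, all SL4 references first and
# then all SL5 ones, so the report order matches the explicit list
# this replaces.
flag = 0;
foreach sl_ver (make_list("4", "5"))
{
  foreach pkg (pidgin_pkgs)
  {
    if (rpm_check(release:"SL" + sl_ver, reference:pkg + "-" + fixed_ver + ".el" + sl_ver)) flag++;
  }
}

if (flag)
{
  # Include the per-package rpm comparison only when verbose reporting is on.
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");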
{"id": "SL_20090702_PIDGIN_ON_SL4_X.NASL", "bulletinFamily": "scanner", "title": "Scientific Linux Security Update : pidgin on SL4.x, SL5.x i386/x86_64", "description": "A denial of service flaw was found in the Pidgin OSCAR protocol\nimplementation. If a remote ICQ user sent a web message to a local\nPidgin user using this protocol, it would cause excessive memory\nusage, leading to a denial of service (Pidgin crash). (CVE-2009-1889)\n\nThese updated packages also fix the following bug :\n\n - the Yahoo! Messenger Protocol changed, making it\n incompatible (and unusable) with Pidgin versions prior\n to 2.5.7. This update provides Pidgin 2.5.8, which\n implements version 16 of the Yahoo! Messenger Protocol,\n which resolves this issue.\n\nNote: These packages upgrade Pidgin to version 2.5.8.\n\nPidgin must be restarted for this update to take effect.", "published": "2012-08-01T00:00:00", "modified": "2012-08-01T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://www.tenable.com/plugins/nessus/60612", "reporter": "This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.", "references": ["http://www.nessus.org/u?5b397c48"], "cvelist": ["CVE-2009-1889"], "type": "nessus", "lastseen": "2021-01-17T13:44:22", "edition": 25, "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-1889"]}, {"type": "nessus", "idList": ["FEDORA_2009-7359.NASL", "SUSE_FINCH-6351.NASL", "FEDORA_2009-7370.NASL", "ORACLELINUX_ELSA-2009-1139.NASL", "UBUNTU_USN-796-1.NASL", "SUSE_11_0_FINCH-090709.NASL", "SUSE_GAIM-6350.NASL", "REDHAT-RHSA-2009-1139.NASL", "FEDORA_2009-7415.NASL", "CENTOS_RHSA-2009-1139.NASL"]}, {"type": "fedora", "idList": ["FEDORA:38E3310F8AC", "FEDORA:9024F10F89C", "FEDORA:1A89F10F7E6"]}, {"type": "ubuntu", "idList": ["USN-796-1"]}, {"type": "openvas", "idList": ["OPENVAS:64353", "OPENVAS:64336", "OPENVAS:64355", "OPENVAS:800823", "OPENVAS:136141256231064374", "OPENVAS:64351", "OPENVAS:136141256231064355", "OPENVAS:1361412562310800824", "OPENVAS:880796", "OPENVAS:64382"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:22133", "SECURITYVULNS:VULN:10047"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1139"]}, {"type": "seebug", "idList": ["SSV:11744"]}, {"type": "redhat", "idList": ["RHSA-2009:1139"]}, {"type": "centos", "idList": ["CESA-2009:1139"]}, {"type": "gentoo", "idList": ["GLSA-200910-02"]}, {"type": "debian", "idList": ["DEBIAN:7CBCBF8C24D8988DB95B28F0FFCF75C8:F574C"]}], "modified": "2021-01-17T13:44:22", "rev": 2}, "score": {"value": 5.7, "vector": "NONE", "modified": "2021-01-17T13:44:22", "rev": 2}, "vulnersScore": 5.7}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60612);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1889\");\n\n script_name(english:\"Scientific Linux 
Security Update : pidgin on SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service flaw was found in the Pidgin OSCAR protocol\nimplementation. If a remote ICQ user sent a web message to a local\nPidgin user using this protocol, it would cause excessive memory\nusage, leading to a denial of service (Pidgin crash). (CVE-2009-1889)\n\nThese updated packages also fix the following bug :\n\n - the Yahoo! Messenger Protocol changed, making it\n incompatible (and unusable) with Pidgin versions prior\n to 2.5.7. This update provides Pidgin 2.5.8, which\n implements version 16 of the Yahoo! Messenger Protocol,\n which resolves this issue.\n\nNote: These packages upgrade Pidgin to version 2.5.8.\n\nPidgin must be restarted for this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0907&L=scientific-linux-errata&T=0&P=322\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5b397c48\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/02\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"finch-2.5.8-1.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"finch-devel-2.5.8-1.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"libpurple-2.5.8-1.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"libpurple-devel-2.5.8-1.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"libpurple-perl-2.5.8-1.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"libpurple-tcl-2.5.8-1.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"pidgin-2.5.8-1.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"pidgin-devel-2.5.8-1.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"pidgin-perl-2.5.8-1.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", 
reference:\"finch-2.5.8-1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"finch-devel-2.5.8-1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libpurple-2.5.8-1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libpurple-devel-2.5.8-1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libpurple-perl-2.5.8-1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"libpurple-tcl-2.5.8-1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"pidgin-2.5.8-1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"pidgin-devel-2.5.8-1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"pidgin-perl-2.5.8-1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Scientific Linux Local Security Checks", "pluginID": "60612", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "scheme": null}
{"cve": [{"lastseen": "2021-02-02T05:40:02", "description": "The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets the ICQWebMessage message type as the ICQSMS message type, which allows remote attackers to cause a denial of service (application crash) via a crafted ICQ web message that triggers allocation of a large amount of memory.", "edition": 6, "cvss3": {}, "published": "2009-07-01T13:00:00", "title": "CVE-2009-1889", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1889"], "modified": "2017-09-29T01:34:00", "cpe": ["cpe:/a:pidgin:pidgin:2.1.1", "cpe:/a:pidgin:pidgin:2.0.0", "cpe:/a:pidgin:pidgin:2.2.0", "cpe:/a:pidgin:pidgin:2.5.2", "cpe:/a:pidgin:pidgin:2.4.1", "cpe:/a:pidgin:pidgin:2.5.7", "cpe:/a:pidgin:pidgin:2.5.1", "cpe:/a:pidgin:pidgin:2.5.4", "cpe:/a:pidgin:pidgin:2.0.2", "cpe:/a:pidgin:pidgin:2.2.2", "cpe:/a:pidgin:pidgin:2.3.1", "cpe:/a:pidgin:pidgin:2.3.0", "cpe:/a:pidgin:pidgin:2.4.2", "cpe:/a:pidgin:pidgin:2.4.0", "cpe:/a:pidgin:pidgin:2.4.3", "cpe:/a:pidgin:pidgin:2.5.3", "cpe:/a:pidgin:pidgin:2.5.5", "cpe:/a:pidgin:pidgin:2.5.6", "cpe:/a:pidgin:pidgin:2.5.0", "cpe:/a:pidgin:pidgin:2.2.1", "cpe:/a:pidgin:pidgin:2.0.1", "cpe:/a:pidgin:pidgin:2.1.0"], "id": "CVE-2009-1889", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1889", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:pidgin:pidgin:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.2.0:*:*:*:*:*:*:*", 
"cpe:2.3:a:pidgin:pidgin:2.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.4:32_bit:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.2:*:linux:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.3:32_bit:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.5:32_bit:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:pidgin:pidgin:2.0.0:*:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2021-01-12T10:07:29", "description": "Several important bug fixes: - More fixes for Yahoo protocol 16 - MSN,\nMySpace, XMPP - CVE-2009-1889\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2009-07-06T00:00:00", "title": "Fedora 10 : pidgin-2.5.8-1.fc10 (2009-7370)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1889"], "modified": "2009-07-06T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:10", "p-cpe:/a:fedoraproject:fedora:pidgin"], "id": "FEDORA_2009-7370.NASL", "href": "https://www.tenable.com/plugins/nessus/39610", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-7370.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39610);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1889\");\n script_bugtraq_id(35530);\n script_xref(name:\"FEDORA\", value:\"2009-7370\");\n\n script_name(english:\"Fedora 10 : pidgin-2.5.8-1.fc10 (2009-7370)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several important bug fixes: - More fixes for Yahoo protocol 16 - MSN,\nMySpace, XMPP - CVE-2009-1889\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=508738\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-July/026105.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?53538681\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pidgin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"pidgin-2.5.8-1.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pidgin\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:07:29", "description": "Several important bug fixes: - More fixes for Yahoo protocol 16 - MSN,\nMySpace, XMPP - CVE-2009-1889\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2009-07-06T00:00:00", "title": "Fedora 9 : pidgin-2.5.8-1.fc9 (2009-7415)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1889"], "modified": "2009-07-06T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:9", "p-cpe:/a:fedoraproject:fedora:pidgin"], "id": "FEDORA_2009-7415.NASL", "href": "https://www.tenable.com/plugins/nessus/39612", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-7415.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39612);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1889\");\n script_bugtraq_id(35530);\n script_xref(name:\"FEDORA\", value:\"2009-7415\");\n\n script_name(english:\"Fedora 9 : pidgin-2.5.8-1.fc9 (2009-7415)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several important bug fixes: - More fixes for Yahoo protocol 16 - MSN,\nMySpace, XMPP - CVE-2009-1889\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=508738\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-July/026157.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c7df081f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pidgin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"pidgin-2.5.8-1.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pidgin\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:07:28", "description": "Several important bug fixes: - More fixes for Yahoo protocol 16 - MSN,\nMySpace, XMPP - CVE-2009-1889\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2009-07-06T00:00:00", "title": "Fedora 11 : pidgin-2.5.8-1.fc11 (2009-7359)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1889"], "modified": "2009-07-06T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:11", "p-cpe:/a:fedoraproject:fedora:pidgin"], "id": "FEDORA_2009-7359.NASL", "href": "https://www.tenable.com/plugins/nessus/39608", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-7359.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39608);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-1889\");\n script_bugtraq_id(35530);\n script_xref(name:\"FEDORA\", value:\"2009-7359\");\n\n script_name(english:\"Fedora 11 : pidgin-2.5.8-1.fc11 (2009-7359)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several important bug fixes: - More fixes for Yahoo protocol 16 - MSN,\nMySpace, XMPP - CVE-2009-1889\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=508738\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-July/026091.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?50aa9a1a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pidgin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"pidgin-2.5.8-1.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pidgin\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-06T09:25:48", "description": "Updated pidgin packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nPidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously. 
The\nAOL Open System for CommunicAtion in Realtime (OSCAR) protocol is used\nby the AOL ICQ and AIM instant messaging systems.\n\nA denial of service flaw was found in the Pidgin OSCAR protocol\nimplementation. If a remote ICQ user sent a web message to a local\nPidgin user using this protocol, it would cause excessive memory\nusage, leading to a denial of service (Pidgin crash). (CVE-2009-1889)\n\nThese updated packages also fix the following bug :\n\n* the Yahoo! Messenger Protocol changed, making it incompatible (and\nunusable) with Pidgin versions prior to 2.5.7. This update provides\nPidgin 2.5.8, which implements version 16 of the Yahoo! Messenger\nProtocol, which resolves this issue.\n\nNote: These packages upgrade Pidgin to version 2.5.8. Refer to the\nPidgin release notes for a full list of changes:\nhttp://developer.pidgin.im/wiki/ChangeLog\n\nAll Pidgin users should upgrade to these updated packages, which\ncorrect these issues. Pidgin must be restarted for this update to take\neffect.", "edition": 26, "published": "2010-01-06T00:00:00", "title": "CentOS 5 : pidgin (CESA-2009:1139)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1889"], "modified": "2010-01-06T00:00:00", "cpe": ["p-cpe:/a:centos:centos:libpurple-tcl", "p-cpe:/a:centos:centos:pidgin-perl", "p-cpe:/a:centos:centos:finch-devel", "p-cpe:/a:centos:centos:libpurple-devel", "p-cpe:/a:centos:centos:libpurple", "p-cpe:/a:centos:centos:pidgin", "p-cpe:/a:centos:centos:finch", "p-cpe:/a:centos:centos:pidgin-devel", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:libpurple-perl"], "id": "CENTOS_RHSA-2009-1139.NASL", "href": "https://www.tenable.com/plugins/nessus/43766", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1139 and \n# CentOS Errata and Security Advisory 2009:1139 
respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(43766);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-1889\");\n script_bugtraq_id(35530);\n script_xref(name:\"RHSA\", value:\"2009:1139\");\n\n script_name(english:\"CentOS 5 : pidgin (CESA-2009:1139)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated pidgin packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nPidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously. The\nAOL Open System for CommunicAtion in Realtime (OSCAR) protocol is used\nby the AOL ICQ and AIM instant messaging systems.\n\nA denial of service flaw was found in the Pidgin OSCAR protocol\nimplementation. If a remote ICQ user sent a web message to a local\nPidgin user using this protocol, it would cause excessive memory\nusage, leading to a denial of service (Pidgin crash). (CVE-2009-1889)\n\nThese updated packages also fix the following bug :\n\n* the Yahoo! Messenger Protocol changed, making it incompatible (and\nunusable) with Pidgin versions prior to 2.5.7. This update provides\nPidgin 2.5.8, which implements version 16 of the Yahoo! Messenger\nProtocol, which resolves this issue.\n\nNote: These packages upgrade Pidgin to version 2.5.8. 
Refer to the\nPidgin release notes for a full list of changes:\nhttp://developer.pidgin.im/wiki/ChangeLog\n\nAll Pidgin users should upgrade to these updated packages, which\ncorrect these issues. Pidgin must be restarted for this update to take\neffect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-July/016023.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?520bc2da\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-July/016024.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f20f369d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pidgin packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:finch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:finch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libpurple\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libpurple-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libpurple-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libpurple-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pidgin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:pidgin-perl\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"finch-2.5.8-1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"finch-devel-2.5.8-1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"libpurple-2.5.8-1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"libpurple-devel-2.5.8-1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"libpurple-perl-2.5.8-1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"libpurple-tcl-2.5.8-1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"pidgin-2.5.8-1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"pidgin-devel-2.5.8-1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"pidgin-perl-2.5.8-1.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"finch / finch-devel / libpurple / libpurple-devel / libpurple-perl / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T13:06:51", "description": "Updated pidgin packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nPidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously. 
The\nAOL Open System for CommunicAtion in Realtime (OSCAR) protocol is used\nby the AOL ICQ and AIM instant messaging systems.\n\nA denial of service flaw was found in the Pidgin OSCAR protocol\nimplementation. If a remote ICQ user sent a web message to a local\nPidgin user using this protocol, it would cause excessive memory\nusage, leading to a denial of service (Pidgin crash). (CVE-2009-1889)\n\nThese updated packages also fix the following bug :\n\n* the Yahoo! Messenger Protocol changed, making it incompatible (and\nunusable) with Pidgin versions prior to 2.5.7. This update provides\nPidgin 2.5.8, which implements version 16 of the Yahoo! Messenger\nProtocol, which resolves this issue.\n\nNote: These packages upgrade Pidgin to version 2.5.8. Refer to the\nPidgin release notes for a full list of changes:\nhttp://developer.pidgin.im/wiki/ChangeLog\n\nAll Pidgin users should upgrade to these updated packages, which\ncorrect these issues. Pidgin must be restarted for this update to take\neffect.", "edition": 28, "published": "2009-07-03T00:00:00", "title": "RHEL 4 / 5 : pidgin (RHSA-2009:1139)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1889"], "modified": "2009-07-03T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:pidgin-perl", "cpe:/o:redhat:enterprise_linux:4", "p-cpe:/a:redhat:enterprise_linux:libpurple", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.3", "p-cpe:/a:redhat:enterprise_linux:libpurple-perl", "cpe:/o:redhat:enterprise_linux:4.8", "p-cpe:/a:redhat:enterprise_linux:pidgin-devel", "p-cpe:/a:redhat:enterprise_linux:pidgin", "p-cpe:/a:redhat:enterprise_linux:finch-devel", "p-cpe:/a:redhat:enterprise_linux:libpurple-devel", "p-cpe:/a:redhat:enterprise_linux:finch", "p-cpe:/a:redhat:enterprise_linux:libpurple-tcl"], "id": "REDHAT-RHSA-2009-1139.NASL", "href": "https://www.tenable.com/plugins/nessus/39598", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The 
descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1139. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39598);\n script_version(\"1.31\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1889\");\n script_bugtraq_id(35530);\n script_xref(name:\"RHSA\", value:\"2009:1139\");\n\n script_name(english:\"RHEL 4 / 5 : pidgin (RHSA-2009:1139)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated pidgin packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nPidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously. The\nAOL Open System for CommunicAtion in Realtime (OSCAR) protocol is used\nby the AOL ICQ and AIM instant messaging systems.\n\nA denial of service flaw was found in the Pidgin OSCAR protocol\nimplementation. If a remote ICQ user sent a web message to a local\nPidgin user using this protocol, it would cause excessive memory\nusage, leading to a denial of service (Pidgin crash). (CVE-2009-1889)\n\nThese updated packages also fix the following bug :\n\n* the Yahoo! Messenger Protocol changed, making it incompatible (and\nunusable) with Pidgin versions prior to 2.5.7. This update provides\nPidgin 2.5.8, which implements version 16 of the Yahoo! Messenger\nProtocol, which resolves this issue.\n\nNote: These packages upgrade Pidgin to version 2.5.8. 
Refer to the\nPidgin release notes for a full list of changes:\nhttp://developer.pidgin.im/wiki/ChangeLog\n\nAll Pidgin users should upgrade to these updated packages, which\ncorrect these issues. Pidgin must be restarted for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-1889\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1139\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:finch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:finch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libpurple\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libpurple-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libpurple-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libpurple-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pidgin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:pidgin-perl\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1139\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"finch-2.5.8-1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"finch-2.5.8-1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"finch-devel-2.5.8-1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"finch-devel-2.5.8-1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"libpurple-2.5.8-1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"libpurple-2.5.8-1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"libpurple-devel-2.5.8-1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"libpurple-devel-2.5.8-1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"libpurple-perl-2.5.8-1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"libpurple-perl-2.5.8-1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"libpurple-tcl-2.5.8-1.el4\")) 
flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"libpurple-tcl-2.5.8-1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"pidgin-2.5.8-1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"pidgin-2.5.8-1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"pidgin-devel-2.5.8-1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"pidgin-devel-2.5.8-1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"i386\", reference:\"pidgin-perl-2.5.8-1.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", cpu:\"x86_64\", reference:\"pidgin-perl-2.5.8-1.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"finch-2.5.8-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"finch-2.5.8-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"finch-devel-2.5.8-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"finch-devel-2.5.8-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"libpurple-2.5.8-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"libpurple-2.5.8-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"libpurple-devel-2.5.8-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"libpurple-devel-2.5.8-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"libpurple-perl-2.5.8-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"libpurple-perl-2.5.8-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"libpurple-tcl-2.5.8-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"libpurple-tcl-2.5.8-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"pidgin-2.5.8-1.el5\")) 
flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"pidgin-2.5.8-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"pidgin-devel-2.5.8-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"pidgin-devel-2.5.8-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"pidgin-perl-2.5.8-1.el5\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"pidgin-perl-2.5.8-1.el5\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"finch / finch-devel / libpurple / libpurple-devel / libpurple-perl / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T12:44:37", "description": "From Red Hat Security Advisory 2009:1139 :\n\nUpdated pidgin packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nPidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously. The\nAOL Open System for CommunicAtion in Realtime (OSCAR) protocol is used\nby the AOL ICQ and AIM instant messaging systems.\n\nA denial of service flaw was found in the Pidgin OSCAR protocol\nimplementation. If a remote ICQ user sent a web message to a local\nPidgin user using this protocol, it would cause excessive memory\nusage, leading to a denial of service (Pidgin crash). (CVE-2009-1889)\n\nThese updated packages also fix the following bug :\n\n* the Yahoo! Messenger Protocol changed, making it incompatible (and\nunusable) with Pidgin versions prior to 2.5.7. 
This update provides\nPidgin 2.5.8, which implements version 16 of the Yahoo! Messenger\nProtocol, which resolves this issue.\n\nNote: These packages upgrade Pidgin to version 2.5.8. Refer to the\nPidgin release notes for a full list of changes:\nhttp://developer.pidgin.im/wiki/ChangeLog\n\nAll Pidgin users should upgrade to these updated packages, which\ncorrect these issues. Pidgin must be restarted for this update to take\neffect.", "edition": 26, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 4 : pidgin (ELSA-2009-1139)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1889"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:pidgin", "p-cpe:/a:oracle:linux:libpurple-devel", "p-cpe:/a:oracle:linux:finch", "p-cpe:/a:oracle:linux:pidgin-perl", "p-cpe:/a:oracle:linux:libpurple", "p-cpe:/a:oracle:linux:libpurple-tcl", "p-cpe:/a:oracle:linux:finch-devel", "p-cpe:/a:oracle:linux:libpurple-perl", "cpe:/o:oracle:linux:4", "p-cpe:/a:oracle:linux:pidgin-devel"], "id": "ORACLELINUX_ELSA-2009-1139.NASL", "href": "https://www.tenable.com/plugins/nessus/67888", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1139 and \n# Oracle Linux Security Advisory ELSA-2009-1139 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67888);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1889\");\n script_bugtraq_id(35530);\n script_xref(name:\"RHSA\", value:\"2009:1139\");\n\n script_name(english:\"Oracle Linux 4 : pidgin (ELSA-2009-1139)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security 
updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1139 :\n\nUpdated pidgin packages that fix one security issue and one bug are\nnow available for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nPidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously. The\nAOL Open System for CommunicAtion in Realtime (OSCAR) protocol is used\nby the AOL ICQ and AIM instant messaging systems.\n\nA denial of service flaw was found in the Pidgin OSCAR protocol\nimplementation. If a remote ICQ user sent a web message to a local\nPidgin user using this protocol, it would cause excessive memory\nusage, leading to a denial of service (Pidgin crash). (CVE-2009-1889)\n\nThese updated packages also fix the following bug :\n\n* the Yahoo! Messenger Protocol changed, making it incompatible (and\nunusable) with Pidgin versions prior to 2.5.7. This update provides\nPidgin 2.5.8, which implements version 16 of the Yahoo! Messenger\nProtocol, which resolves this issue.\n\nNote: These packages upgrade Pidgin to version 2.5.8. Refer to the\nPidgin release notes for a full list of changes:\nhttp://developer.pidgin.im/wiki/ChangeLog\n\nAll Pidgin users should upgrade to these updated packages, which\ncorrect these issues. 
Pidgin must be restarted for this update to take\neffect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-July/001068.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected pidgin packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:finch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:finch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libpurple\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libpurple-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libpurple-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libpurple-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pidgin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pidgin-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"finch-2.5.8-1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"finch-devel-2.5.8-1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"libpurple-2.5.8-1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"libpurple-devel-2.5.8-1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"libpurple-perl-2.5.8-1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"libpurple-tcl-2.5.8-1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"pidgin-2.5.8-1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"pidgin-devel-2.5.8-1.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"pidgin-perl-2.5.8-1.el4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"finch / finch-devel / libpurple / libpurple-devel / libpurple-perl / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-20T15:44:38", "description": "Yuriy Kaminskiy discovered that Pidgin did not properly handle certain\nmessages in the ICQ protocol handler. A remote attacker could send a\nspecially crafted message and cause Pidgin to crash.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2009-07-07T00:00:00", "title": "Ubuntu 8.04 LTS / 8.10 / 9.04 : pidgin vulnerability (USN-796-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1889"], "modified": "2009-07-07T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libpurple0", "p-cpe:/a:canonical:ubuntu_linux:pidgin-dev", "p-cpe:/a:canonical:ubuntu_linux:pidgin-data", "p-cpe:/a:canonical:ubuntu_linux:finch", "p-cpe:/a:canonical:ubuntu_linux:libpurple-dev", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:finch-dev", "p-cpe:/a:canonical:ubuntu_linux:gaim", "cpe:/o:canonical:ubuntu_linux:8.10", "cpe:/o:canonical:ubuntu_linux:9.04", "p-cpe:/a:canonical:ubuntu_linux:libpurple-bin", "p-cpe:/a:canonical:ubuntu_linux:pidgin-dbg", "p-cpe:/a:canonical:ubuntu_linux:pidgin"], "id": "UBUNTU_USN-796-1.NASL", "href": "https://www.tenable.com/plugins/nessus/39619", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-796-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39619);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-1889\");\n script_bugtraq_id(35530);\n script_xref(name:\"USN\", value:\"796-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 8.10 / 9.04 : pidgin vulnerability (USN-796-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Yuriy Kaminskiy discovered that Pidgin did not properly handle certain\nmessages in the ICQ protocol handler. A remote attacker could send a\nspecially crafted message and cause Pidgin to crash.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/796-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:finch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:finch-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpurple-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpurple-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libpurple0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:pidgin-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:pidgin-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:pidgin-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:canonical:ubuntu_linux:9.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.04|8\\.10|9\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 8.10 / 9.04\", \"Ubuntu \" + release);\nif ( ! 
get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"finch\", pkgver:\"2.4.1-1ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"finch-dev\", pkgver:\"2.4.1-1ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"gaim\", pkgver:\"2.4.1-1ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libpurple-bin\", pkgver:\"2.4.1-1ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libpurple-dev\", pkgver:\"2.4.1-1ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"libpurple0\", pkgver:\"2.4.1-1ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"pidgin\", pkgver:\"1:2.4.1-1ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"pidgin-data\", pkgver:\"2.4.1-1ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"pidgin-dbg\", pkgver:\"2.4.1-1ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"pidgin-dev\", pkgver:\"2.4.1-1ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"finch\", pkgver:\"2.5.2-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"finch-dev\", pkgver:\"2.5.2-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libpurple-bin\", pkgver:\"2.5.2-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libpurple-dev\", pkgver:\"2.5.2-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"libpurple0\", pkgver:\"2.5.2-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"pidgin\", pkgver:\"1:2.5.2-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"pidgin-data\", pkgver:\"2.5.2-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"pidgin-dbg\", pkgver:\"2.5.2-0ubuntu1.3\")) 
flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"pidgin-dev\", pkgver:\"2.5.2-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"finch\", pkgver:\"2.5.5-1ubuntu8.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"finch-dev\", pkgver:\"2.5.5-1ubuntu8.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libpurple-bin\", pkgver:\"2.5.5-1ubuntu8.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libpurple-dev\", pkgver:\"2.5.5-1ubuntu8.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"libpurple0\", pkgver:\"2.5.5-1ubuntu8.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"pidgin\", pkgver:\"1:2.5.5-1ubuntu8.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"pidgin-data\", pkgver:\"2.5.5-1ubuntu8.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"pidgin-dbg\", pkgver:\"2.5.5-1ubuntu8.3\")) flag++;\nif (ubuntu_check(osver:\"9.04\", pkgname:\"pidgin-dev\", pkgver:\"2.5.5-1ubuntu8.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"finch / finch-dev / gaim / libpurple-bin / libpurple-dev / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:44:08", "description": " - malformed responses to file transfers could cause a\n buffer overflow in pidgin. (CVE-2009-1373)\n\n - the fix against integer overflows in the msn protocol\n handling was incomplete. 
(CVE-2009-1376)\n\n - certain ICQ message types could crash pidgin.\n (CVE-2009-1889)", "edition": 25, "published": "2011-01-27T00:00:00", "title": "SuSE 10 Security Update : gaim (ZYPP Patch Number 6350)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1376", "CVE-2009-1889", "CVE-2009-1373"], "modified": "2011-01-27T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_GAIM-6350.NASL", "href": "https://www.tenable.com/plugins/nessus/51744", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51744);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1373\", \"CVE-2009-1376\", \"CVE-2009-1889\");\n\n script_name(english:\"SuSE 10 Security Update : gaim (ZYPP Patch Number 6350)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - malformed responses to file transfers could cause a\n buffer overflow in pidgin. (CVE-2009-1373)\n\n - the fix against integer overflows in the msn protocol\n handling was incomplete. 
(CVE-2009-1376)\n\n - certain ICQ message types could crash pidgin.\n (CVE-2009-1889)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1373.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1376.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1889.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6350.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"gaim-1.5.0-50.34\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"gaim-devel-1.5.0-50.34\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:04:16", "description": "Several bugfixes were done for the Instant Messenger Pidgin :\n\n - Malformed responses to file transfers could cause a\n buffer overflow in pidgin (CVE-2009-1373) and specially\n crafted packets could crash it (CVE-2009-1375).\n\n - The fix against integer overflows in the msn protocol\n handling was incomplete (CVE-2009-1376).\n\n - Fixed misparsing ICQ message as SMS DoS (CVE-2009-1889,\n Pidgin#9483).\n\nAlso the Yahoo IM protocol was made to work again.", "edition": 25, "published": "2009-07-22T00:00:00", "title": "openSUSE Security Update : finch (finch-1088)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": 
["CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1889", "CVE-2009-1373"], "modified": "2009-07-22T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:finch", "p-cpe:/a:novell:opensuse:finch-devel", "p-cpe:/a:novell:opensuse:libpurple-meanwhile", "cpe:/o:novell:opensuse:11.1", "p-cpe:/a:novell:opensuse:libpurple-lang", "p-cpe:/a:novell:opensuse:pidgin-devel", "p-cpe:/a:novell:opensuse:libpurple-mono", "p-cpe:/a:novell:opensuse:pidgin", "p-cpe:/a:novell:opensuse:libpurple", "p-cpe:/a:novell:opensuse:libpurple-devel"], "id": "SUSE_11_1_FINCH-090708.NASL", "href": "https://www.tenable.com/plugins/nessus/40338", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update finch-1088.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40338);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1373\", \"CVE-2009-1375\", \"CVE-2009-1376\", \"CVE-2009-1889\");\n\n script_name(english:\"openSUSE Security Update : finch (finch-1088)\");\n script_summary(english:\"Check for the finch-1088 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several bugfixes were done for the Instant Messenger Pidgin :\n\n - Malformed responses to file transfers could cause a\n buffer overflow in pidgin (CVE-2009-1373) and specially\n crafted packets could crash it (CVE-2009-1375).\n\n - The fix against integer overflows in the msn protocol\n handling was incomplete (CVE-2009-1376).\n\n - Fixed misparsing ICQ message as SMS DoS (CVE-2009-1889,\n Pidgin#9483).\n\nAlso the Yahoo IM protocol was made to work again.\"\n );\n 
script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=404163\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=503447\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=517786\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=518301\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected finch packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:finch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:finch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpurple\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpurple-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpurple-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpurple-meanwhile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpurple-mono\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pidgin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pidgin-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/05/26\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"finch-2.5.1-3.12.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"finch-devel-2.5.1-3.12.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libpurple-2.5.1-3.12.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libpurple-devel-2.5.1-3.12.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libpurple-lang-2.5.1-3.12.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libpurple-meanwhile-2.5.1-3.12.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libpurple-mono-2.5.1-3.12.2\") ) flag++;\nif ( 
rpm_check(release:\"SUSE11.1\", reference:\"pidgin-2.5.1-3.12.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"pidgin-devel-2.5.1-3.12.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"pidgin\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:43:34", "description": "Several bugfixes were done for the Instant Messenger Pidgin :\n\n - Malformed responses to file transfers could cause a\n buffer overflow in pidgin (CVE-2009-1373) and specially\n crafted packets could crash it. (CVE-2009-1375)\n\n - The fix against integer overflows in the msn protocol\n handling was incomplete. (CVE-2009-1376)\n\n - Fixed misparsing ICQ message as SMS DoS (CVE-2009-1889,\n Pidgin#9483).\n\nAlso the Yahoo IM protocol was made to work again.", "edition": 25, "published": "2011-01-27T00:00:00", "title": "SuSE 10 Security Update : pidgin (ZYPP Patch Number 6342)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1889", "CVE-2009-1373"], "modified": "2011-01-27T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_FINCH-6342.NASL", "href": "https://www.tenable.com/plugins/nessus/51723", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51723);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-1373\", \"CVE-2009-1375\", \"CVE-2009-1376\", \"CVE-2009-1889\");\n\n script_name(english:\"SuSE 10 Security Update : pidgin (ZYPP Patch Number 6342)\");\n 
script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several bugfixes were done for the Instant Messenger Pidgin :\n\n - Malformed responses to file transfers could cause a\n buffer overflow in pidgin (CVE-2009-1373) and specially\n crafted packets could crash it. (CVE-2009-1375)\n\n - The fix against integer overflows in the msn protocol\n handling was incomplete. (CVE-2009-1376)\n\n - Fixed misparsing ICQ message as SMS DoS (CVE-2009-1889,\n Pidgin#9483).\n\nAlso the Yahoo IM protocol was made to work again.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1373.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1375.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1376.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-1889.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6342.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(119, 189, 399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/27\");\n 
script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"finch-2.3.1-10.15\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"libpurple-2.3.1-10.15\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"pidgin-2.3.1-10.15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:33", "bulletinFamily": "software", "cvelist": ["CVE-2009-1889"], "description": "Memory exhaustion on OSCAR (ICQ) ICQWebMessage message processing.", "edition": 1, "modified": "2009-07-07T00:00:00", "published": "2009-07-07T00:00:00", "id": "SECURITYVULNS:VULN:10047", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10047", "title": "Pidgin instant messenger DoS", "type": 
"securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:30", "bulletinFamily": "software", "cvelist": ["CVE-2009-1889"], "description": "\r\n===========================================================\r\nUbuntu Security Notice USN-796-1 July 06, 2009\r\npidgin vulnerability\r\nCVE-2009-1889\r\n===========================================================\r\n\r\nA security issue affects the following Ubuntu releases:\r\n\r\nUbuntu 8.04 LTS\r\nUbuntu 8.10\r\nUbuntu 9.04\r\n\r\nThis advisory also applies to the corresponding versions of\r\nKubuntu, Edubuntu, and Xubuntu.\r\n\r\nThe problem can be corrected by upgrading your system to the\r\nfollowing package versions:\r\n\r\nUbuntu 8.04 LTS:\r\n pidgin 1:2.4.1-1ubuntu2.5\r\n\r\nUbuntu 8.10:\r\n pidgin 1:2.5.2-0ubuntu1.3\r\n\r\nUbuntu 9.04:\r\n pidgin 1:2.5.5-1ubuntu8.3\r\n\r\nAfter a standard system upgrade you need to restart Pidgin to effect\r\nthe necessary changes.\r\n\r\nDetails follow:\r\n\r\nYuriy Kaminskiy discovered that Pidgin did not properly handle certain\r\nmessages in the ICQ protocol handler. 
A remote attacker could send a\r\nspecially crafted message and cause Pidgin to crash.\r\n\r\n\r\nUpdated packages for Ubuntu 8.04 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.4.1-1ubuntu2.5.diff.gz\r\n Size/MD5: 69164 c70f15e2d9925bd9a59b50840bfb7955\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.4.1-1ubuntu2.5.dsc\r\n Size/MD5: 1539 721951dceb5f4f14ae2bb4448ad1cac6\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.4.1.orig.tar.gz\r\n Size/MD5: 13297380 25e3593d5e6bfc17911111475a057778\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch-dev_2.4.1-1ubuntu2.5_all.deb\r\n Size/MD5: 37848 19e50d194b3f88411ecad8fb59ca84ac\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-bin_2.4.1-1ubuntu2.5_all.deb\r\n Size/MD5: 92484 8689a019c2ca2b38e15aff511afcb126\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-dev_2.4.1-1ubuntu2.5_all.deb\r\n Size/MD5: 234622 57a60ab7b5b8200b1c59664fcaed09ad\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-data_2.4.1-1ubuntu2.5_all.deb\r\n Size/MD5: 1329072 1ccf6543b453ea97c93adeaf3c8cecab\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dev_2.4.1-1ubuntu2.5_all.deb\r\n Size/MD5: 72644 4cf5e0c20fe9d4e45bf5dbfa9a1977db\r\n http://security.ubuntu.com/ubuntu/pool/universe/p/pidgin/gaim_2.4.1-1ubuntu2.5_all.deb\r\n Size/MD5: 86650 981f86978bf9d05d0325ca147789ba6a\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch_2.4.1-1ubuntu2.5_amd64.deb\r\n Size/MD5: 226882 19cfa44a561a43bc3fa11428fbafddaa\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple0_2.4.1-1ubuntu2.5_amd64.deb\r\n Size/MD5: 1604968 fb1664d9db6f4dcb7515cf0621a0e2c2\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dbg_2.4.1-1ubuntu2.5_amd64.deb\r\n Size/MD5: 4432872 
e82202e8158bd7fc5e528eff6352e9f1\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.4.1-1ubuntu2.5_amd64.deb\r\n Size/MD5: 572092 d745457004a88ace8afe8327919c8366\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch_2.4.1-1ubuntu2.5_i386.deb\r\n Size/MD5: 200870 62ba621c0643d3dd4e8a10e7fb627be6\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple0_2.4.1-1ubuntu2.5_i386.deb\r\n Size/MD5: 1365264 b8851b1dfcc45e5112379d86a8560b4f\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dbg_2.4.1-1ubuntu2.5_i386.deb\r\n Size/MD5: 4242726 8d34410391640602f5fbaab114637eea\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.4.1-1ubuntu2.5_i386.deb\r\n Size/MD5: 517136 f27931424aae4d2df6d9276d57778ef4\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.4.1-1ubuntu2.5_lpia.deb\r\n Size/MD5: 197190 125d9dc936b19fc2e30b63395cc91311\r\n http://ports.ubuntu.com/pool/main/p/pidgin/libpurple0_2.4.1-1ubuntu2.5_lpia.deb\r\n Size/MD5: 1415410 264502f259c45da978283cd2deed21ff\r\n http://ports.ubuntu.com/pool/main/p/pidgin/pidgin-dbg_2.4.1-1ubuntu2.5_lpia.deb\r\n Size/MD5: 4372712 4815c0b8f5e5db6a483b9b7b5e90202f\r\n http://ports.ubuntu.com/pool/main/p/pidgin/pidgin_2.4.1-1ubuntu2.5_lpia.deb\r\n Size/MD5: 511658 3fe599d6288bcc92b1eaa8df579a7fae\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.4.1-1ubuntu2.5_powerpc.deb\r\n Size/MD5: 237202 c45aea5032ff9e61326243cf29fe58ca\r\n http://ports.ubuntu.com/pool/main/p/pidgin/libpurple0_2.4.1-1ubuntu2.5_powerpc.deb\r\n Size/MD5: 1633736 3c8b4d4c45b28d0726bc6669c1e82e9c\r\n http://ports.ubuntu.com/pool/main/p/pidgin/pidgin-dbg_2.4.1-1ubuntu2.5_powerpc.deb\r\n Size/MD5: 4475886 fde137ce8d58e26fb707478742563802\r\n http://ports.ubuntu.com/pool/main/p/pidgin/pidgin_2.4.1-1ubuntu2.5_powerpc.deb\r\n 
Size/MD5: 589636 2f142dc2f8674578f52743bd6db54245\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.4.1-1ubuntu2.5_sparc.deb\r\n Size/MD5: 212832 e0931b8368e9a5be0edc1dcad7af9cc5\r\n http://ports.ubuntu.com/pool/main/p/pidgin/libpurple0_2.4.1-1ubuntu2.5_sparc.deb\r\n Size/MD5: 1531968 60665d8ee53ac8f2b83579c6ef120743\r\n http://ports.ubuntu.com/pool/main/p/pidgin/pidgin-dbg_2.4.1-1ubuntu2.5_sparc.deb\r\n Size/MD5: 4364144 49f051b8a8c85d449e074f43889c6455\r\n http://ports.ubuntu.com/pool/main/p/pidgin/pidgin_2.4.1-1ubuntu2.5_sparc.deb\r\n Size/MD5: 545640 dca0481b3b91cac603d926d0b364a075\r\n\r\nUpdated packages for Ubuntu 8.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.5.2-0ubuntu1.3.diff.gz\r\n Size/MD5: 61109 89770bcc35af977d3b33c5d4fd432ba1\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.5.2-0ubuntu1.3.dsc\r\n Size/MD5: 1995 1e9143dccb487f7a07ff787faf305316\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.5.2.orig.tar.gz\r\n Size/MD5: 11642659 3ad83133a2381087cbdddf42ba5d6ecf\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch-dev_2.5.2-0ubuntu1.3_all.deb\r\n Size/MD5: 38228 e74e5d5bdd6259248715951152db8960\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-bin_2.5.2-0ubuntu1.3_all.deb\r\n Size/MD5: 94990 87c0100cb825079578ff39896e39e5bb\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-dev_2.5.2-0ubuntu1.3_all.deb\r\n Size/MD5: 242446 77f527142b4d4ba5de074e24e4c40b8f\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-data_2.5.2-0ubuntu1.3_all.deb\r\n Size/MD5: 1107018 0dbc651de63d442652be3dae6eb60bac\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dev_2.5.2-0ubuntu1.3_all.deb\r\n Size/MD5: 1357364 ffeeba39751c4d846dedd7f68b236111\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n 
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch_2.5.2-0ubuntu1.3_amd64.deb\r\n Size/MD5: 230062 f32d151342bd2936e5737786d84afb4d\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple0_2.5.2-0ubuntu1.3_amd64.deb\r\n Size/MD5: 1754728 717f54c80158df99362fa15fc7675262\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dbg_2.5.2-0ubuntu1.3_amd64.deb\r\n Size/MD5: 4660546 6803c0dde881db7b106b3157aa4546a6\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.5.2-0ubuntu1.3_amd64.deb\r\n Size/MD5: 613972 a4f2911a092fe319c3484d21f8cd23b9\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch_2.5.2-0ubuntu1.3_i386.deb\r\n Size/MD5: 204022 5503dd4f172149179c10a7fbf015f644\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple0_2.5.2-0ubuntu1.3_i386.deb\r\n Size/MD5: 1503360 98ac05ca1f329a7e6d150973d4309c1c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dbg_2.5.2-0ubuntu1.3_i386.deb\r\n Size/MD5: 4464556 2b2830ae442a2916342ef423658d0e55\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.5.2-0ubuntu1.3_i386.deb\r\n Size/MD5: 559586 ae2c916503d04c5443f7e94df2d78fd1\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.5.2-0ubuntu1.3_lpia.deb\r\n Size/MD5: 200652 4ceb5dad8ace3009147da0c4a9e72a36\r\n http://ports.ubuntu.com/pool/main/p/pidgin/libpurple0_2.5.2-0ubuntu1.3_lpia.deb\r\n Size/MD5: 1552258 c2d933448089b75d6b183b93623a5fbb\r\n http://ports.ubuntu.com/pool/main/p/pidgin/pidgin-dbg_2.5.2-0ubuntu1.3_lpia.deb\r\n Size/MD5: 4599392 638b6d2eaead1319f58776241f617580\r\n http://ports.ubuntu.com/pool/main/p/pidgin/pidgin_2.5.2-0ubuntu1.3_lpia.deb\r\n Size/MD5: 553784 550a852c80fb57899a429dee2e8ed51a\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.5.2-0ubuntu1.3_powerpc.deb\r\n Size/MD5: 235470 
97e13f09b0c1be4ca8460089b3462106\r\n http://ports.ubuntu.com/pool/main/p/pidgin/libpurple0_2.5.2-0ubuntu1.3_powerpc.deb\r\n Size/MD5: 1790468 72432fac2c37bbe8b245b4f49b14accd\r\n http://ports.ubuntu.com/pool/main/p/pidgin/pidgin-dbg_2.5.2-0ubuntu1.3_powerpc.deb\r\n Size/MD5: 4684996 ba2f04783a3055c59b89309f45aaf7cb\r\n http://ports.ubuntu.com/pool/main/p/pidgin/pidgin_2.5.2-0ubuntu1.3_powerpc.deb\r\n Size/MD5: 619552 e98dedff7d91d7b1e9c36f0d73ad1d24\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.5.2-0ubuntu1.3_sparc.deb\r\n Size/MD5: 217316 4139672f16928314f6fb1ab4a92649f9\r\n http://ports.ubuntu.com/pool/main/p/pidgin/libpurple0_2.5.2-0ubuntu1.3_sparc.deb\r\n Size/MD5: 1682752 3660dcc970dc9e6f15cdc4619ffa20a4\r\n http://ports.ubuntu.com/pool/main/p/pidgin/pidgin-dbg_2.5.2-0ubuntu1.3_sparc.deb\r\n Size/MD5: 4586880 d2931f64f5b78a1d999c80eeb9c82546\r\n http://ports.ubuntu.com/pool/main/p/pidgin/pidgin_2.5.2-0ubuntu1.3_sparc.deb\r\n Size/MD5: 590742 9dcb513bb95f1a374de48193b5d38137\r\n\r\nUpdated packages for Ubuntu 9.04:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.5.5-1ubuntu8.3.diff.gz\r\n Size/MD5: 132541 c77f3f90cc45c046f39d530cfa080021\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.5.5-1ubuntu8.3.dsc\r\n Size/MD5: 1935 8ace33777a3ffe91d97759bb2c255997\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.5.5.orig.tar.gz\r\n Size/MD5: 11989031 08d9c0c8dd43dbcec6f67d8ba596029f\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch-dev_2.5.5-1ubuntu8.3_all.deb\r\n Size/MD5: 38440 68fb60c8132a5cc683b5533b16882232\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-bin_2.5.5-1ubuntu8.3_all.deb\r\n Size/MD5: 97546 9b9e3becf081a9a1502e6e7c2f369145\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-dev_2.5.5-1ubuntu8.3_all.deb\r\n Size/MD5: 
245608 da22fe05f8bfd598009949876b375842\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-data_2.5.5-1ubuntu8.3_all.deb\r\n Size/MD5: 1150856 c5b88feffc26cea5f989bb842700983d\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dev_2.5.5-1ubuntu8.3_all.deb\r\n Size/MD5: 1371436 c3e146ca3f2e9b9e3a1e35e159de39fa\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch_2.5.5-1ubuntu8.3_amd64.deb\r\n Size/MD5: 235088 6313965554f24edae96d269b8ea5743e\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple0_2.5.5-1ubuntu8.3_amd64.deb\r\n Size/MD5: 1769464 2b2735ffe403873bb9ddec66c7489533\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dbg_2.5.5-1ubuntu8.3_amd64.deb\r\n Size/MD5: 5844998 864aa68cfe5341be94d935e587117790\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.5.5-1ubuntu8.3_amd64.deb\r\n Size/MD5: 567412 359558290269a12016cfae47e6d704d1\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch_2.5.5-1ubuntu8.3_i386.deb\r\n Size/MD5: 213596 081632a915de7aed83f5329a8e09893e\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple0_2.5.5-1ubuntu8.3_i386.deb\r\n Size/MD5: 1552816 fe9ae42391f21c1062c278d5a0947619\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dbg_2.5.5-1ubuntu8.3_i386.deb\r\n Size/MD5: 5447566 55fa8f1a1cfd84dd68721055b5e3d59c\r\n http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.5.5-1ubuntu8.3_i386.deb\r\n Size/MD5: 519330 1ae4aec80e938141ec3cbe35732f75a4\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.5.5-1ubuntu8.3_lpia.deb\r\n Size/MD5: 212130 6ae6d63272086da03f350d8d8d68a0fd\r\n http://ports.ubuntu.com/pool/main/p/pidgin/libpurple0_2.5.5-1ubuntu8.3_lpia.deb\r\n Size/MD5: 1613110 d4c1dbe21f394c8296832de692d65cce\r\n 
http://ports.ubuntu.com/pool/main/p/pidgin/pidgin-dbg_2.5.5-1ubuntu8.3_lpia.deb\r\n Size/MD5: 5594480 bcafb8cef0b0cece6a67fd00deed226d\r\n http://ports.ubuntu.com/pool/main/p/pidgin/pidgin_2.5.5-1ubuntu8.3_lpia.deb\r\n Size/MD5: 518524 bd071ffbeeef67ca7372e1743b29efd1\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.5.5-1ubuntu8.3_powerpc.deb\r\n Size/MD5: 245172 a180211f55d969060d68fdf1546a625f\r\n http://ports.ubuntu.com/pool/main/p/pidgin/libpurple0_2.5.5-1ubuntu8.3_powerpc.deb\r\n Size/MD5: 1825558 bc765d890d566e67f308875a3df0c916\r\n http://ports.ubuntu.com/pool/main/p/pidgin/pidgin-dbg_2.5.5-1ubuntu8.3_powerpc.deb\r\n Size/MD5: 5758770 3caed5b7d90fd31babc1538b8d7a1462\r\n http://ports.ubuntu.com/pool/main/p/pidgin/pidgin_2.5.5-1ubuntu8.3_powerpc.deb\r\n Size/MD5: 580986 c20fb6fe4d0c39ffb808e741c97e6104\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.5.5-1ubuntu8.3_sparc.deb\r\n Size/MD5: 214650 5aefec6c79a64ad3660976dd7b4adf97\r\n http://ports.ubuntu.com/pool/main/p/pidgin/libpurple0_2.5.5-1ubuntu8.3_sparc.deb\r\n Size/MD5: 1640188 baa4c74f1e28da77dfd45516ce158f3d\r\n http://ports.ubuntu.com/pool/main/p/pidgin/pidgin-dbg_2.5.5-1ubuntu8.3_sparc.deb\r\n Size/MD5: 5292090 20d0c003f0e1977ebe20aaef22b3976f\r\n http://ports.ubuntu.com/pool/main/p/pidgin/pidgin_2.5.5-1ubuntu8.3_sparc.deb\r\n Size/MD5: 522162 528d8ae42a85cbf0a56c4ebd9477a8b9\r\n\r\n", "edition": 1, "modified": "2009-07-07T00:00:00", "published": "2009-07-07T00:00:00", "id": "SECURITYVULNS:DOC:22133", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22133", "title": "[USN-796-1] Pidgin vulnerability", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2020-07-09T00:28:37", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1889"], "description": "Yuriy Kaminskiy discovered that 
Pidgin did not properly handle certain \nmessages in the ICQ protocol handler. A remote attacker could send a \nspecially crafted message and cause Pidgin to crash.", "edition": 5, "modified": "2009-07-06T00:00:00", "published": "2009-07-06T00:00:00", "id": "USN-796-1", "href": "https://ubuntu.com/security/notices/USN-796-1", "title": "Pidgin vulnerability", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:45:34", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1889"], "description": "Pidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously. The AOL\nOpen System for CommunicAtion in Realtime (OSCAR) protocol is used by the\nAOL ICQ and AIM instant messaging systems.\n\nA denial of service flaw was found in the Pidgin OSCAR protocol\nimplementation. If a remote ICQ user sent a web message to a local Pidgin\nuser using this protocol, it would cause excessive memory usage, leading to\na denial of service (Pidgin crash). (CVE-2009-1889)\n\nThese updated packages also fix the following bug:\n\n* the Yahoo! Messenger Protocol changed, making it incompatible (and\nunusable) with Pidgin versions prior to 2.5.7. This update provides Pidgin\n2.5.8, which implements version 16 of the Yahoo! Messenger Protocol, which\nresolves this issue.\n\nNote: These packages upgrade Pidgin to version 2.5.8. Refer to the Pidgin\nrelease notes for a full list of changes:\nhttp://developer.pidgin.im/wiki/ChangeLog\n\nAll Pidgin users should upgrade to these updated packages, which correct\nthese issues. 
Pidgin must be restarted for this update to take effect.", "modified": "2017-09-08T12:08:50", "published": "2009-07-02T04:00:00", "id": "RHSA-2009:1139", "href": "https://access.redhat.com/errata/RHSA-2009:1139", "type": "redhat", "title": "(RHSA-2009:1139) Moderate: pidgin security and bug fix update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "seebug": [{"lastseen": "2017-11-19T18:52:02", "description": "BUGTRAQ ID: 35530\r\nCVE(CAN) ID: CVE-2009-1889\r\n\r\nPidgin\u662f\u652f\u6301\u591a\u79cd\u534f\u8bae\u7684\u5373\u65f6\u901a\u8baf\u5ba2\u6237\u7aef\u3002\r\n\r\nPidgin\u7684\u5b9e\u65f6\u901a\u8baf\u5f00\u653e\u7cfb\u7edf\uff08OSCAR\uff09\u534f\u8bae\u5b9e\u73b0\u4e2d\u5b58\u5728\u8d8a\u754c\u5185\u5b58\u8bbf\u95ee\u6f0f\u6d1e\u3002\u5982\u679c\u8fdc\u7a0bICQ\u7528\u6237\u5411\u4f7f\u7528\u8fd9\u4e2a\u534f\u8bae\u7684Pidgin\u7528\u6237\u53d1\u9001\u4e86\u7279\u5236web\u6d88\u606f\u7684\u8bdd\uff0c\u5c31\u4f1a\u5bfc\u81f4\u5206\u914d\u8fc7\u591a\u7684\u5185\u5b58\uff0c\u5ba2\u6237\u7aef\u53ef\u80fd\u4f1a\u5d29\u6e83\u3002\n\nPidgin < 2.5.8\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nPidgin\r\n------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://developer.pidgin.im/ticket/9483", "published": "2009-07-02T00:00:00", "title": "pidgin\u7279\u5236ICQ Web\u6d88\u606f\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-1889"], "modified": "2009-07-02T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-11744", "id": "SSV:11744", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": ""}], "openvas": [{"lastseen": "2017-07-25T10:55:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1889"], "description": "Check for the Version of finch", "modified": 
"2017-07-10T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:880796", "href": "http://plugins.openvas.org/nasl.php?oid=880796", "type": "openvas", "title": "CentOS Update for finch CESA-2009:1139 centos5 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for finch CESA-2009:1139 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Pidgin is an instant messaging program which can log in to multiple\n accounts on multiple instant messaging networks simultaneously. The AOL\n Open System for CommunicAtion in Realtime (OSCAR) protocol is used by the\n AOL ICQ and AIM instant messaging systems.\n\n A denial of service flaw was found in the Pidgin OSCAR protocol\n implementation. If a remote ICQ user sent a web message to a local Pidgin\n user using this protocol, it would cause excessive memory usage, leading to\n a denial of service (Pidgin crash). (CVE-2009-1889)\n \n These updated packages also fix the following bug:\n \n * the Yahoo! 
Messenger Protocol changed, making it incompatible (and\n unusable) with Pidgin versions prior to 2.5.7. This update provides Pidgin\n 2.5.8, which implements version 16 of the Yahoo! Messenger Protocol, which\n resolves this issue.\n \n Note: These packages upgrade Pidgin to version 2.5.8. Refer to the Pidgin\n release notes for a full list of changes:\n http://developer.pidgin.im/wiki/ChangeLog\n \n All Pidgin users should upgrade to these updated packages, which correct\n these issues. Pidgin must be restarted for this update to take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"finch on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-July/016023.html\");\n script_id(880796);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2009:1139\");\n script_cve_id(\"CVE-2009-1889\");\n script_name(\"CentOS Update for finch CESA-2009:1139 centos5 i386\");\n\n script_summary(\"Check for the Version of finch\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n 
exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"finch-devel\", rpm:\"finch-devel~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpurple\", rpm:\"libpurple~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpurple-perl\", rpm:\"libpurple-perl~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpurple-tcl\", rpm:\"libpurple-tcl~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pidgin-devel\", rpm:\"pidgin-devel~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:37:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1889"], "description": "The remote host is missing an update to pidgin\nannounced via advisory FEDORA-2009-7370.", "modified": "2018-04-06T00:00:00", "published": "2009-07-06T00:00:00", 
"id": "OPENVAS:136141256231064353", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064353", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-7370 (pidgin)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_7370.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-7370 (pidgin)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nSeveral important bug fixes: - More fixes for Yahoo protocol 16 - MSN,\nMySpace, XMPP - CVE-2009-1889\n\nChangeLog:\n\n* Sun Jun 28 2009 Warren Togami 2.5.8-1\n- 2.5.8 with several important bug fixes\n* Mon Jun 22 2009 Warren Togami 2.5.7-2\n- glib2 compat with RHEL-4\n* Sat Jun 20 2009 Warren Togami 2.5.7-1\n- 2.5.7 with Yahoo Protocol 16 support\n* Wed May 20 2009 Stu Tomlinson 2.5.6-1\n- 2.5.6\n* Mon Apr 20 2009 Warren Togami 2.5.5-3\n- F12+ removed krb4\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. 
Use \nsu -c 'yum update pidgin' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-7370\";\ntag_summary = \"The remote host is missing an update to pidgin\nannounced via advisory FEDORA-2009-7370.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64353\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-06 20:36:15 +0200 (Mon, 06 Jul 2009)\");\n script_cve_id(\"CVE-2009-1889\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-7370 (pidgin)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=508738\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.8~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"finch-devel\", rpm:\"finch-devel~2.5.8~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple\", rpm:\"libpurple~2.5.8~1.fc10\", 
rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.8~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-perl\", rpm:\"libpurple-perl~2.5.8~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-tcl\", rpm:\"libpurple-tcl~2.5.8~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.8~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-devel\", rpm:\"pidgin-devel~2.5.8~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-docs\", rpm:\"pidgin-docs~2.5.8~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.8~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-debuginfo\", rpm:\"pidgin-debuginfo~2.5.8~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1889"], "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1139.\n\nPidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously. The AOL\nOpen System for CommunicAtion in Realtime (OSCAR) protocol is used by the\nAOL ICQ and AIM instant messaging systems.\n\nA denial of service flaw was found in the Pidgin OSCAR protocol\nimplementation. If a remote ICQ user sent a web message to a local Pidgin\nuser using this protocol, it would cause excessive memory usage, leading to\na denial of service (Pidgin crash). 
(CVE-2009-1889)\n\nThese updated packages also fix the following bug:\n\n* the Yahoo! Messenger Protocol changed, making it incompatible (and\nunusable) with Pidgin versions prior to 2.5.7. This update provides Pidgin\n2.5.8, which implements version 16 of the Yahoo! Messenger Protocol, which\nresolves this issue.\n\nNote: These packages upgrade Pidgin to version 2.5.8. Refer to the Pidgin\nrelease notes for a full list of changes:\n\nAll Pidgin users should upgrade to these updated packages, which correct\nthese issues. Pidgin must be restarted for this update to take effect.", "modified": "2018-04-06T00:00:00", "published": "2009-07-06T00:00:00", "id": "OPENVAS:136141256231064336", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064336", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1139", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1139.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1139 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\n\nhttp://rhn.redhat.com/errata/RHSA-2009-1139.html\nhttp://www.redhat.com/security/updates/classification/#moderate\";\n\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1139.\n\nPidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously. The AOL\nOpen System for CommunicAtion in Realtime (OSCAR) protocol is used by the\nAOL ICQ and AIM instant messaging systems.\n\nA denial of service flaw was found in the Pidgin OSCAR protocol\nimplementation. If a remote ICQ user sent a web message to a local Pidgin\nuser using this protocol, it would cause excessive memory usage, leading to\na denial of service (Pidgin crash). (CVE-2009-1889)\n\nThese updated packages also fix the following bug:\n\n* the Yahoo! Messenger Protocol changed, making it incompatible (and\nunusable) with Pidgin versions prior to 2.5.7. This update provides Pidgin\n2.5.8, which implements version 16 of the Yahoo! Messenger Protocol, which\nresolves this issue.\n\nNote: These packages upgrade Pidgin to version 2.5.8. Refer to the Pidgin\nrelease notes for a full list of changes:\n\nAll Pidgin users should upgrade to these updated packages, which correct\nthese issues. 
Pidgin must be restarted for this update to take effect.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64336\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-06 20:36:15 +0200 (Mon, 06 Jul 2009)\");\n script_cve_id(\"CVE-2009-1889\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:1139\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://developer.pidgin.im/wiki/ChangeLog\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"finch-devel\", rpm:\"finch-devel~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple\", rpm:\"libpurple~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-perl\", rpm:\"libpurple-perl~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-tcl\", 
rpm:\"libpurple-tcl~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-debuginfo\", rpm:\"pidgin-debuginfo~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-devel\", rpm:\"pidgin-devel~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple\", rpm:\"libpurple~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-perl\", rpm:\"libpurple-perl~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-tcl\", rpm:\"libpurple-tcl~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-debuginfo\", rpm:\"pidgin-debuginfo~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"finch-devel\", rpm:\"finch-devel~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-devel\", rpm:\"pidgin-devel~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": 
"AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:14:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1889"], "description": "This host has installed Pidgin and is prone to Denial of Service\n vulnerability.", "modified": "2016-12-29T00:00:00", "published": "2009-07-03T00:00:00", "id": "OPENVAS:800823", "href": "http://plugins.openvas.org/nasl.php?oid=800823", "type": "openvas", "title": "Pidgin OSCAR Protocol Denial Of Service Vulnerability (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_pidgin_oscar_dos_vuln_win.nasl 4869 2016-12-29 11:01:45Z teissa $\n#\n# Pidgin OSCAR Protocol Denial Of Service Vulnerability ( Win)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attacker to cause a application crash.\n Impact Level: Application\";\ntag_affected = \"Pidgin version prior to 2.5.8 on Windows\";\ntag_insight = \"Error in OSCAR protocol implementation leads to the application misinterpreting\n the ICQWebMessage message type as ICQSMS message type via a crafted ICQ web\n message that triggers allocation of a large amount of memory.\";\ntag_solution = \"Upgrade to Pidgin version 2.5.8,\n http://pidgin.im/download\";\ntag_summary = \"This host has installed Pidgin and is prone to Denial of Service\n vulnerability.\";\n\nif(description)\n{\n script_id(800823);\n script_version(\"$Revision: 4869 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-12-29 12:01:45 +0100 (Thu, 29 Dec 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-03 15:23:01 +0200 (Fri, 03 Jul 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2009-1889\");\n script_bugtraq_id(35530);\n script_name(\"Pidgin OSCAR Protocol Denial Of Service Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/35652\");\n script_xref(name : \"URL\" , value : \"http://developer.pidgin.im/ticket/9483\");\n script_xref(name : \"URL\" , value : \"http://pidgin.im/pipermail/devel/2009-May/008227.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"secpod_pidgin_detect_win.nasl\");\n 
script_require_keys(\"Pidgin/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\npidginVer = get_kb_item(\"Pidgin/Win/Ver\");\nif(pidginVer != NULL)\n{\n if(version_is_less(version:pidginVer, test_version:\"2.5.8\")){\n security_message(0);\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-02-02T13:15:42", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1889"], "description": "The remote host is missing an update to pidgin\nannounced via advisory USN-796-1.", "modified": "2018-02-01T00:00:00", "published": "2009-07-15T00:00:00", "id": "OPENVAS:64382", "href": "http://plugins.openvas.org/nasl.php?oid=64382", "type": "openvas", "title": "Ubuntu USN-796-1 (pidgin)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_796_1.nasl 8616 2018-02-01 08:24:13Z cfischer $\n# $Id: ubuntu_796_1.nasl 8616 2018-02-01 08:24:13Z cfischer $\n# Description: Auto-generated from advisory USN-796-1 (pidgin)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 8.04 LTS:\n pidgin 1:2.4.1-1ubuntu2.5\n\nUbuntu 8.10:\n pidgin 1:2.5.2-0ubuntu1.3\n\nUbuntu 9.04:\n pidgin 1:2.5.5-1ubuntu8.3\n\nAfter a standard system upgrade you need to restart Pidgin to effect\nthe necessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-796-1\";\n\ntag_insight = \"Yuriy Kaminskiy discovered that Pidgin did not properly handle certain\nmessages in the ICQ protocol handler. 
A remote attacker could send a\nspecially crafted message and cause Pidgin to crash.\";\ntag_summary = \"The remote host is missing an update to pidgin\nannounced via advisory USN-796-1.\";\n\n \n\n\nif(description)\n{\n script_id(64382);\n script_version(\"$Revision: 8616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-01 09:24:13 +0100 (Thu, 01 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-15 04:21:35 +0200 (Wed, 15 Jul 2009)\");\n script_cve_id(\"CVE-2009-1889\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Ubuntu USN-796-1 (pidgin)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-796-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"finch-dev\", ver:\"2.4.1-1ubuntu2.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpurple-bin\", ver:\"2.4.1-1ubuntu2.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpurple-dev\", ver:\"2.4.1-1ubuntu2.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pidgin-data\", ver:\"2.4.1-1ubuntu2.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = 
isdpkgvuln(pkg:\"pidgin-dev\", ver:\"2.4.1-1ubuntu2.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gaim\", ver:\"2.4.1-1ubuntu2.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"finch\", ver:\"2.4.1-1ubuntu2.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpurple0\", ver:\"2.4.1-1ubuntu2.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pidgin-dbg\", ver:\"2.4.1-1ubuntu2.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pidgin\", ver:\"2.4.1-1ubuntu2.5\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"finch-dev\", ver:\"2.5.2-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpurple-bin\", ver:\"2.5.2-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpurple-dev\", ver:\"2.5.2-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pidgin-data\", ver:\"2.5.2-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pidgin-dev\", ver:\"2.5.2-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"finch\", ver:\"2.5.2-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpurple0\", ver:\"2.5.2-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pidgin-dbg\", ver:\"2.5.2-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pidgin\", ver:\"2.5.2-0ubuntu1.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"finch-dev\", ver:\"2.5.5-1ubuntu8.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpurple-bin\", 
ver:\"2.5.5-1ubuntu8.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpurple-dev\", ver:\"2.5.5-1ubuntu8.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pidgin-data\", ver:\"2.5.5-1ubuntu8.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pidgin-dev\", ver:\"2.5.5-1ubuntu8.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"finch\", ver:\"2.5.5-1ubuntu8.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libpurple0\", ver:\"2.5.5-1ubuntu8.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pidgin-dbg\", ver:\"2.5.5-1ubuntu8.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"pidgin\", ver:\"2.5.5-1ubuntu8.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(port:0, data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:56:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1889"], "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1139.\n\nPidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously. The AOL\nOpen System for CommunicAtion in Realtime (OSCAR) protocol is used by the\nAOL ICQ and AIM instant messaging systems.\n\nA denial of service flaw was found in the Pidgin OSCAR protocol\nimplementation. If a remote ICQ user sent a web message to a local Pidgin\nuser using this protocol, it would cause excessive memory usage, leading to\na denial of service (Pidgin crash). (CVE-2009-1889)\n\nThese updated packages also fix the following bug:\n\n* the Yahoo! 
Messenger Protocol changed, making it incompatible (and\nunusable) with Pidgin versions prior to 2.5.7. This update provides Pidgin\n2.5.8, which implements version 16 of the Yahoo! Messenger Protocol, which\nresolves this issue.\n\nNote: These packages upgrade Pidgin to version 2.5.8. Refer to the Pidgin\nrelease notes for a full list of changes:\n\nAll Pidgin users should upgrade to these updated packages, which correct\nthese issues. Pidgin must be restarted for this update to take effect.", "modified": "2017-07-12T00:00:00", "published": "2009-07-06T00:00:00", "id": "OPENVAS:64336", "href": "http://plugins.openvas.org/nasl.php?oid=64336", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1139", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1139.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1139 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"Please note that this update is available via\nRed Hat Network. 
To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\n\nhttp://rhn.redhat.com/errata/RHSA-2009-1139.html\nhttp://www.redhat.com/security/updates/classification/#moderate\";\n\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1139.\n\nPidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously. The AOL\nOpen System for CommunicAtion in Realtime (OSCAR) protocol is used by the\nAOL ICQ and AIM instant messaging systems.\n\nA denial of service flaw was found in the Pidgin OSCAR protocol\nimplementation. If a remote ICQ user sent a web message to a local Pidgin\nuser using this protocol, it would cause excessive memory usage, leading to\na denial of service (Pidgin crash). (CVE-2009-1889)\n\nThese updated packages also fix the following bug:\n\n* the Yahoo! Messenger Protocol changed, making it incompatible (and\nunusable) with Pidgin versions prior to 2.5.7. This update provides Pidgin\n2.5.8, which implements version 16 of the Yahoo! Messenger Protocol, which\nresolves this issue.\n\nNote: These packages upgrade Pidgin to version 2.5.8. Refer to the Pidgin\nrelease notes for a full list of changes:\n\nAll Pidgin users should upgrade to these updated packages, which correct\nthese issues. 
Pidgin must be restarted for this update to take effect.\";\n\n\n\nif(description)\n{\n script_id(64336);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-06 20:36:15 +0200 (Mon, 06 Jul 2009)\");\n script_cve_id(\"CVE-2009-1889\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:1139\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://developer.pidgin.im/wiki/ChangeLog\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"finch-devel\", rpm:\"finch-devel~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple\", rpm:\"libpurple~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-perl\", rpm:\"libpurple-perl~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-tcl\", 
rpm:\"libpurple-tcl~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-debuginfo\", rpm:\"pidgin-debuginfo~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-devel\", rpm:\"pidgin-devel~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.8~1.el4\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple\", rpm:\"libpurple~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-perl\", rpm:\"libpurple-perl~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-tcl\", rpm:\"libpurple-tcl~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-debuginfo\", rpm:\"pidgin-debuginfo~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"finch-devel\", rpm:\"finch-devel~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-devel\", rpm:\"pidgin-devel~2.5.8~1.el5\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": 
"AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1889"], "description": "The remote host is missing an update to pidgin\nannounced via advisory FEDORA-2009-7359.", "modified": "2018-04-06T00:00:00", "published": "2009-07-06T00:00:00", "id": "OPENVAS:136141256231064351", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064351", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-7359 (pidgin)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_7359.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-7359 (pidgin)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nSeveral important bug fixes: - More fixes for Yahoo protocol 16 - MSN,\nMySpace, XMPP - CVE-2009-1889\n\nChangeLog:\n\n* Sun Jun 28 2009 Warren Togami 2.5.8-1\n- 2.5.8 with several important bug fixes\n* Mon Jun 22 2009 Warren Togami 2.5.7-2\n- glib2 compat with RHEL-4\n* Sat Jun 20 2009 Warren Togami 2.5.7-1\n- 2.5.7 with Yahoo Protocol 16 support\n* Wed May 20 2009 Stu Tomlinson 2.5.6-1\n- 2.5.6\n* Mon Apr 20 2009 Warren Togami 2.5.5-3\n- F12+ removed krb4\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update pidgin' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-7359\";\ntag_summary = \"The remote host is missing an update to pidgin\nannounced via advisory FEDORA-2009-7359.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64351\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-06 20:36:15 +0200 (Mon, 06 Jul 2009)\");\n script_cve_id(\"CVE-2009-1889\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Core 11 FEDORA-2009-7359 (pidgin)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=508738\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.8~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"finch-devel\", rpm:\"finch-devel~2.5.8~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple\", rpm:\"libpurple~2.5.8~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.8~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-perl\", rpm:\"libpurple-perl~2.5.8~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-tcl\", rpm:\"libpurple-tcl~2.5.8~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.8~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-devel\", rpm:\"pidgin-devel~2.5.8~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-docs\", rpm:\"pidgin-docs~2.5.8~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.8~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-debuginfo\", 
rpm:\"pidgin-debuginfo~2.5.8~1.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:33", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-1889"], "description": "The remote host is missing updates to pidgin announced in\nadvisory CESA-2009:1139.", "modified": "2018-04-06T00:00:00", "published": "2009-07-06T00:00:00", "id": "OPENVAS:136141256231064374", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064374", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1139 (pidgin)", "sourceData": "#CESA-2009:1139 64374 2\n# $Id: ovcesa2009_1139.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1139 (pidgin)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1139\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1139\nhttps://rhn.redhat.com/errata/RHSA-2009-1139.html\";\ntag_summary = \"The remote host is missing updates to pidgin announced in\nadvisory CESA-2009:1139.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64374\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-06 20:36:15 +0200 (Mon, 06 Jul 2009)\");\n script_cve_id(\"CVE-2009-1889\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:1139 (pidgin)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"finch-devel\", rpm:\"finch-devel~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple\", rpm:\"libpurple~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-perl\", rpm:\"libpurple-perl~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-tcl\", rpm:\"libpurple-tcl~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-devel\", rpm:\"pidgin-devel~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:50", "bulletinFamily": "scanner", 
"cvelist": ["CVE-2009-1889"], "description": "The remote host is missing updates to pidgin announced in\nadvisory CESA-2009:1139.", "modified": "2017-07-10T00:00:00", "published": "2009-07-06T00:00:00", "id": "OPENVAS:64374", "href": "http://plugins.openvas.org/nasl.php?oid=64374", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1139 (pidgin)", "sourceData": "#CESA-2009:1139 64374 2\n# $Id: ovcesa2009_1139.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1139 (pidgin)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1139\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1139\nhttps://rhn.redhat.com/errata/RHSA-2009-1139.html\";\ntag_summary = \"The remote host is missing updates to pidgin announced in\nadvisory CESA-2009:1139.\";\n\n\n\nif(description)\n{\n script_id(64374);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-06 20:36:15 +0200 (Mon, 06 Jul 2009)\");\n script_cve_id(\"CVE-2009-1889\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:1139 (pidgin)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"finch\", rpm:\"finch~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"finch-devel\", rpm:\"finch-devel~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple\", rpm:\"libpurple~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-devel\", rpm:\"libpurple-devel~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-perl\", rpm:\"libpurple-perl~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpurple-tcl\", rpm:\"libpurple-tcl~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin\", rpm:\"pidgin~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-devel\", rpm:\"pidgin-devel~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pidgin-perl\", rpm:\"pidgin-perl~2.5.8~1.el5\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:24", "bulletinFamily": "scanner", 
"cvelist": ["CVE-2009-1889"], "description": "This host has installed Pidgin and is prone to Denial of Service\n vulnerability.", "modified": "2018-12-05T00:00:00", "published": "2009-07-03T00:00:00", "id": "OPENVAS:1361412562310800824", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310800824", "type": "openvas", "title": "Pidgin OSCAR Protocol Denial Of Service Vulnerability (Linux)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_pidgin_oscar_dos_vuln_lin.nasl 12670 2018-12-05 14:14:20Z cfischer $\n#\n# Pidgin OSCAR Protocol Denial Of Service Vulnerability (Linux)\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:pidgin:pidgin';\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.800824\");\n script_version(\"$Revision: 12670 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-05 15:14:20 +0100 (Wed, 05 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-03 15:23:01 +0200 (Fri, 03 Jul 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2009-1889\");\n script_bugtraq_id(35530);\n script_name(\"Pidgin OSCAR Protocol Denial Of Service Vulnerability (Linux)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"secpod_pidgin_detect_lin.nasl\");\n script_mandatory_keys(\"Pidgin/Lin/Ver\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/35652\");\n script_xref(name:\"URL\", value:\"http://developer.pidgin.im/ticket/9483\");\n script_xref(name:\"URL\", value:\"http://pidgin.im/pipermail/devel/2009-May/008227.html\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker to cause a application crash.\");\n\n script_tag(name:\"affected\", value:\"Pidgin version prior to 2.5.8 on Linux\");\n\n script_tag(name:\"insight\", value:\"Error in OSCAR protocol implementation leads to the application misinterpreting\n the ICQWebMessage message type as ICQSMS message type via a crafted ICQ web\n message that triggers allocation of a large amount of memory.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Pidgin 
version 2.5.8.\");\n\n script_tag(name:\"summary\", value:\"This host has installed Pidgin and is prone to Denial of Service\n vulnerability.\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!ver = get_app_version(cpe:CPE)) exit(0);\n\nif(version_is_less(version:ver, test_version:\"2.5.8\")){\n report = report_fixed_ver(installed_version:ver, fixed_version:\"2.5.8\");\n security_message(data:report);\n exit(0);\n}\n\nexit(99);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "centos": [{"lastseen": "2019-12-20T18:25:48", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1889"], "description": "**CentOS Errata and Security Advisory** CESA-2009:1139\n\n\nPidgin is an instant messaging program which can log in to multiple\naccounts on multiple instant messaging networks simultaneously. The AOL\nOpen System for CommunicAtion in Realtime (OSCAR) protocol is used by the\nAOL ICQ and AIM instant messaging systems.\n\nA denial of service flaw was found in the Pidgin OSCAR protocol\nimplementation. If a remote ICQ user sent a web message to a local Pidgin\nuser using this protocol, it would cause excessive memory usage, leading to\na denial of service (Pidgin crash). (CVE-2009-1889)\n\nThese updated packages also fix the following bug:\n\n* the Yahoo! Messenger Protocol changed, making it incompatible (and\nunusable) with Pidgin versions prior to 2.5.7. This update provides Pidgin\n2.5.8, which implements version 16 of the Yahoo! Messenger Protocol, which\nresolves this issue.\n\nNote: These packages upgrade Pidgin to version 2.5.8. Refer to the Pidgin\nrelease notes for a full list of changes:\nhttp://developer.pidgin.im/wiki/ChangeLog\n\nAll Pidgin users should upgrade to these updated packages, which correct\nthese issues. 
Pidgin must be restarted for this update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-July/028061.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-July/028062.html\n\n**Affected packages:**\nfinch\nfinch-devel\nlibpurple\nlibpurple-devel\nlibpurple-perl\nlibpurple-tcl\npidgin\npidgin-devel\npidgin-perl\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-1139.html", "edition": 3, "modified": "2009-07-02T23:47:40", "published": "2009-07-02T23:47:40", "href": "http://lists.centos.org/pipermail/centos-announce/2009-July/028061.html", "id": "CESA-2009:1139", "title": "finch, libpurple, pidgin security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:30", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1889"], "description": "[2.5.8-1]\n- 2.5.8 with several important bug fixes\n[2.5.7-2]\n- glib2 compat with RHEL-4\n[2.5.7-1]\n- 2.5.7 with Yahoo Protocol 16 support\n[2.5.6-1]\n- 2.5.6\n[2.5.5-3]\n- F12+ removed krb4", "edition": 4, "modified": "2009-07-02T00:00:00", "published": "2009-07-02T00:00:00", "id": "ELSA-2009-1139", "href": "http://linux.oracle.com/errata/ELSA-2009-1139.html", "title": "pidgin security and bug fix update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1889"], "description": "Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. 
Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins. Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc. ", "modified": "2009-07-03T19:55:45", "published": "2009-07-03T19:55:45", "id": "FEDORA:38E3310F8AC", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: pidgin-2.5.8-1.fc9", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1889"], "description": "Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins. Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc. ", "modified": "2009-07-03T19:47:21", "published": "2009-07-03T19:47:21", "id": "FEDORA:1A89F10F7E6", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: pidgin-2.5.8-1.fc10", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1889"], "description": "Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. 
Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins. Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc. ", "modified": "2009-07-03T19:45:03", "published": "2009-07-03T19:45:03", "id": "FEDORA:9024F10F89C", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: pidgin-2.5.8-1.fc11", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:39", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1376", "CVE-2009-3026", "CVE-2009-1889", "CVE-2009-2694"], "edition": 1, "description": "### Background\n\nPidgin is a client for a variety of instant messaging protocols. \n\n### Description\n\nMultiple vulnerabilities were found in Pidgin: \n\n * Yuriy Kaminskiy reported that the OSCAR protocol implementation in Pidgin misinterprets the ICQWebMessage message type as the ICQSMS message type, triggering an allocation of a large amount of memory (CVE-2009-1889).\n * Federico Muttis of Core Security Technologies reported that the msn_slplink_process_msg() function in libpurple/protocols/msn/slplink.c in libpurple as used in Pidgin doesn't properly process incoming SLP messages, triggering an overwrite of an arbitrary memory location (CVE-2009-2694). 
NOTE: This issue reportedly exists because of an incomplete fix for CVE-2009-1376 (GLSA 200905-07).\n * bugdave reported that protocols/jabber/auth.c in libpurple as used in Pidgin does not follow the \"require TLS/SSL\" preference when connecting to older Jabber servers that do not follow the XMPP specification, resulting in a connection to the server without the expected encryption (CVE-2009-3026).\n\n### Impact\n\nA remote attacker could send specially crafted SLP (via MSN) or ICQ web messages, possibly leading to execution of arbitrary code with the privileges of the user running Pidgin, unauthorized information disclosure, or a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Pidgin users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-im/pidgin-2.5.9-r1\"", "modified": "2009-10-22T00:00:00", "published": "2009-10-22T00:00:00", "id": "GLSA-200910-02", "href": "https://security.gentoo.org/glsa/200910-02", "type": "gentoo", "title": "Pidgin: Multiple vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-11-11T13:17:08", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2927", "CVE-2009-1376", "CVE-2009-1375", "CVE-2009-1374", "CVE-2009-1889", "CVE-2009-1373"], "description": "Gerfried Fuchs uploaded new packages for pidgin which fixed the\nfollowing security problems:\n\nCVE-2009-1373\n\n Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin\n (formerly Gaim) before 2.5.6 allows remote authenticated users to\n execute arbitrary code via vectors involving an outbound XMPP file\n transfer.\n\nCVE-2009-1374\n\n Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim)\n before 2.5.6 allows remote attackers to cause a denial of service\n (application crash) via a QQ packet. 
\n\nCVE-2009-1375\n\n The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before\n 2.5.6 does not properly maintain a certain buffer, which allows remote\n attackers to cause a denial of service (memory corruption and\n application crash) via vectors involving the (1) XMPP or (2) Sametime\n protocol. \n\nCVE-2009-1376\n\n Multiple integer overflows in the msn_slplink_process_msg functions in\n the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and\n (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim)\n before 2.5.6 on 32-bit platforms allow remote attackers to execute\n arbitrary code via a malformed SLP message with a crafted offset\n value, leading to buffer overflows. NOTE: this issue exists because of\n an incomplete fix for CVE-2008-2927. \n\nCVE-2009-1889, Debian Bug #535790\n\n The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets\n the ICQWebMessage message type as the ICQSMS message type, which\n allows remote attackers to cause a denial of service (application\n crash) via a crafted ICQ web message that triggers allocation of a\n large amount of memory. 
\n\nFor the lenny-backports distribution the problems (with the exception of\nCVE-2009-1889) have been fixed in version 2.4.3-4lenny2.\n\nFor the squeeze and sid distributions the problems have been fixed in\nversion 2.5.8-1.\n\n\nUpgrade instructions\n--------------------\n\nIf you don't use pinning (see [1]), you have to update the packages\nmanually via \"apt-get -t etch-backports install <packagelist>\", with the\npackagelist being your installed packages affected by this update.\n[1] <http://backports.org/dokuwiki/doku.php?id=instructions>\n\nWe recommend pinning the backports repository at priority 200 so that new versions\nof installed backports are installed automatically:\n\n Package: *\n Pin: release a=etch-backports\n Pin-Priority: 200\n", "edition": 3, "modified": "2009-07-29T21:34:46", "published": "2009-07-29T21:34:46", "id": "DEBIAN:7CBCBF8C24D8988DB95B28F0FFCF75C8:F574C", "href": "https://lists.debian.org/debian-backports-announce/2009/debian-backports-announce-200907/msg00003.html", "title": "[Backports-security-announce] Security Update for pidgin", "type": "debian", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}