Lucene search
This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.SUSE_11_0_FINCH-080903.NASLHistoryJul 21, 2009 - 12:00 a.m.
openSUSE Security Update : finch (finch-188)
2009-07-2100:00:00
This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.
www.tenable.com
26
6.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.107 Low
EPSS
Percentile
95.1%
-
specially crafted MSN SLP messages could cause an integer overflow in pidgin. Attackers could potentially exploit that to execute arbitrary code (CVE-2008-2927).
-
overly long file names in MSN file transfers could crash pidgin (CVE-2008-2955).
-
SSL certifcates were not verfied. Therefore piding didnβt notice faked certificates (CVE-2008-3532)
-
Additionally a problem was fixed that prevented gaim clients from connecting to the ICQ network after a server change on July 1st 2008.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update finch-188.
#
# The text description of this plugin is (C) SUSE LLC.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(39959);
script_version("1.12");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2008-2927", "CVE-2008-2955", "CVE-2008-3532");
script_name(english:"openSUSE Security Update : finch (finch-188)");
script_summary(english:"Check for the finch-188 patch");
script_set_attribute(
attribute:"synopsis",
value:"The remote openSUSE host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
" - specially crafted MSN SLP messages could cause an
integer overflow in pidgin. Attackers could potentially
exploit that to execute arbitrary code (CVE-2008-2927).
- overly long file names in MSN file transfers could crash
pidgin (CVE-2008-2955).
- SSL certifcates were not verfied. Therefore piding
didn't notice faked certificates (CVE-2008-3532)
Additionally a problem was fixed that prevented gaim clients from
connecting to the ICQ network after a server change on July 1st 2008."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=404163"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=405632"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=406416"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=415679"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected finch packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_cwe_id(20, 189, 310);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:finch");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:finch-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpurple");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpurple-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpurple-meanwhile");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpurple-mono");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pidgin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pidgin-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0");
script_set_attribute(attribute:"patch_publication_date", value:"2008/09/03");
script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/21");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
flag = 0;
if ( rpm_check(release:"SUSE11.0", reference:"finch-2.4.1-28.4") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"finch-devel-2.4.1-28.4") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"libpurple-2.4.1-28.4") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"libpurple-devel-2.4.1-28.4") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"libpurple-meanwhile-2.4.1-28.4") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"libpurple-mono-2.4.1-28.4") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"pidgin-2.4.1-28.4") ) flag++;
if ( rpm_check(release:"SUSE11.0", reference:"pidgin-devel-2.4.1-28.4") ) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "finch / finch-devel / libpurple / libpurple-devel / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | opensuse | finch | p-cpe:/a:novell:opensuse:finch |
| novell | opensuse | finch-devel | p-cpe:/a:novell:opensuse:finch-devel |
| novell | opensuse | libpurple | p-cpe:/a:novell:opensuse:libpurple |
| novell | opensuse | libpurple-devel | p-cpe:/a:novell:opensuse:libpurple-devel |
| novell | opensuse | libpurple-meanwhile | p-cpe:/a:novell:opensuse:libpurple-meanwhile |
| novell | opensuse | libpurple-mono | p-cpe:/a:novell:opensuse:libpurple-mono |
| novell | opensuse | pidgin | p-cpe:/a:novell:opensuse:pidgin |
| novell | opensuse | pidgin-devel | p-cpe:/a:novell:opensuse:pidgin-devel |
| novell | opensuse | 11.0 | cpe:/o:novell:opensuse:11.0 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2927
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2955
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3532
bugzilla.novell.com/show_bug.cgi?id=404163
bugzilla.novell.com/show_bug.cgi?id=405632
bugzilla.novell.com/show_bug.cgi?id=406416
bugzilla.novell.com/show_bug.cgi?id=415679
Related
nessus
nessus
openSUSE 10 Security Update : finch (finch-5592)
2008-09-14 00:00:00
SuSE 10 Security Update : pidgin, gaim and finch (ZYPP Patch Number 5573)
2011-01-27 00:00:00
GLSA-200901-13 : Pidgin: Multiple vulnerabilities
2009-01-21 00:00:00
gentoo
gentoo
Pidgin: Multiple vulnerabilities
2009-01-20 00:00:00
Pidgin: Multiple vulnerabilities
2009-05-25 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-675-1)
2009-03-23 00:00:00
Ubuntu Update for pidgin vulnerabilities USN-675-1
2009-03-23 00:00:00
Gentoo Security Advisory GLSA 200901-13 (pidgin)
2009-01-26 00:00:00
ubuntu
ubuntu
Pidgin vulnerabilities
2008-11-24 00:00:00
Gaim vulnerability
2008-11-24 00:00:00
Pidgin vulnerabilities
2010-01-18 00:00:00
prion
prion
Integer overflow
2008-07-07 23:41:00
Code injection
2008-08-08 19:41:00
Code injection
2008-07-01 22:41:00
cve
cve
nvd
nvd
ubuntucve
ubuntucve
debiancve
debiancve
cvelist
cvelist
centos
centos
enscript, finch, libpurple, pidgin security update
2008-12-15 17:14:23
finch, libpurple, pidgin security update
2008-07-09 10:20:19
redhat
redhat
(RHSA-2008:1023) Moderate: pidgin security and bug fix update
2008-12-15 00:00:00
(RHSA-2008:0584) Important: pidgin security and bug fix update
2008-07-09 00:00:00
oraclelinux
oraclelinux
pidgin security and bug fix update
2008-12-15 00:00:00
pidgin security and bug fix update
2008-07-09 00:00:00
veracode
veracode
Spoofing Attack
2020-04-10 00:29:14
Denial Of Service (DoS)
2020-04-10 00:29:13
Arbitrary Code Execution
2020-04-10 00:25:52
checkpoint_advisories
checkpoint_advisories
Pidgin MSN MSNP2P Message Integer Overflow (CVE-2008-2927)
2009-12-21 00:00:00
securityvulns
securityvulns
ZDI-08-054: Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability
2008-09-01 00:00:00
libpurple / Pidgin buffer overflow
2009-06-09 00:00:00
zdi
zdi
debian
debian
[SECURITY] [DSA 1610-1] New gaim packages fix execution of arbitrary code
2008-07-15 17:46:45
[SECURITY] [DSA 1870-1] New pidgin packages fix arbitrary code execution
2009-08-19 22:29:43
[SECURITY] [DSA 1805-1] New pidgin packages fix several vulnerabilities
2009-05-22 20:04:08
osv
osv
gaim - execution of arbitrary code
2008-07-15 00:00:00
pidgin - insufficient input sanitization
2009-08-19 00:00:00
pidgin - several vulnerabilities
2009-05-22 00:00:00
coresecurity
coresecurity
Libpurple msn_slplink_process_msg() Arbitrary Write Vulnerability
2009-08-18 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: pidgin-2.5.6-1.fc10
2009-06-02 14:33:34
[SECURITY] Fedora 9 Update: pidgin-2.5.6-1.fc9
2009-06-02 14:26:30
[SECURITY] Fedora 11 Update: pidgin-2.5.6-1.fc11
2009-06-02 14:28:31
6.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.107 Low
EPSS
Percentile
95.1%
Related for SUSE_11_0_FINCH-080903.NASL