{"id": "UBUNTU_USN-168-1.NASL", "bulletinFamily": "scanner", "title": "Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)", "description": "Daniel Atallah discovered a Denial of Service vulnerability in the file transfer handler of OSCAR (the module that handles various instant messaging protocols like ICQ). A remote attacker could crash the Gaim client of an user by attempting to send him a file with a name that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer overflow. A remote attacker could exploit this to crash the Gaim client or possibly even execute arbitrary code with the permissions of the Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable code. By sending specially crafted messages over the Gadu protocol, a remote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2006-01-15T00:00:00", "modified": "2018-07-19T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=20574", "reporter": "Tenable", "references": [], "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "type": "nessus", "lastseen": "2019-02-21T01:08:56", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:gaim-dev", "p-cpe:/a:canonical:ubuntu_linux:gaim-data", "cpe:/o:canonical:ubuntu_linux:5.04", "cpe:/o:canonical:ubuntu_linux:4.10", "p-cpe:/a:canonical:ubuntu_linux:gaim"], "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Daniel Atallah discovered a Denial of Service vulnerability in the file transfer handler of OSCAR (the module that handles various instant messaging protocols like ICQ). A remote attacker could crash the Gaim client of an user by attempting to send him a file with a name that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer overflow. A remote attacker could exploit this to crash the Gaim client or possibly even execute arbitrary code with the permissions of the Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable code. By sending specially crafted messages over the Gadu protocol, a remote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 3, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "a0d1e360d354e39e687f7c0df5a83c683785637a5fbcd094ff6614ff27207903", "hashmap": [{"hash": "5def28318542b833394bb196f5312b60", "key": "cvelist"}, {"hash": "9ebbba4f7dfab58e7c57c9df7b54d577", "key": "description"}, {"hash": "a15fe4091394770701d1b830c7b3dfd2", "key": "sourceData"}, {"hash": "e2914120514a29eeccc01e381df164d8", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "51f6f8bb60533faccaf9964766bf4117", "key": "title"}, {"hash": "d0a161de269faf0b3cf3efa18918066d", "key": "cpe"}, {"hash": "575770113bb5f93b2906ef8917facca4", "key": "pluginID"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "8a96d8d6e565c1bd06e216985d146bba", "key": "published"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "3ea495319d2ba146a209aaeb70b152c8", "key": "href"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=20574", "id": "UBUNTU_USN-168-1.NASL", "lastseen": "2018-08-02T07:45:15", "modified": "2018-07-19T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.3", "pluginID": "20574", "published": "2006-01-15T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-168-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(20574);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/07/19 23:44:03\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\", \"CVE-2005-2370\");\n script_bugtraq_id(14531);\n script_xref(name:\"USN\", value:\"168-1\");\n\n script_name(english:\"Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Daniel Atallah discovered a Denial of Service vulnerability in the\nfile transfer handler of OSCAR (the module that handles various\ninstant messaging protocols like ICQ). A remote attacker could crash\nthe Gaim client of an user by attempting to send him a file with a\nname that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer\noverflow. A remote attacker could exploit this to crash the Gaim\nclient or possibly even execute arbitrary code with the permissions of\nthe Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory\nalignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable\ncode. By sending specially crafted messages over the Gadu protocol, a\nremote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gaim, gaim-data and / or gaim-dev packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:4.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2005-2018 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(4\\.10|5\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 4.10 / 5.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"4.10\", pkgname:\"gaim\", pkgver:\"1.0.0-1ubuntu1.8\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-data\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-dev\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gaim / gaim-data / gaim-dev\");\n}\n", "title": "Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-02T07:45:15"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:gaim-dev", "p-cpe:/a:canonical:ubuntu_linux:gaim-data", "cpe:/o:canonical:ubuntu_linux:5.04", "cpe:/o:canonical:ubuntu_linux:4.10", "p-cpe:/a:canonical:ubuntu_linux:gaim"], "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Daniel Atallah discovered a Denial of Service vulnerability in the\nfile transfer handler of OSCAR (the module that handles various\ninstant messaging protocols like ICQ). A remote attacker could crash\nthe Gaim client of an user by attempting to send him a file with a\nname that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer\noverflow. A remote attacker could exploit this to crash the Gaim\nclient or possibly even execute arbitrary code with the permissions of\nthe Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory\nalignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable\ncode. By sending specially crafted messages over the Gadu protocol, a\nremote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 6, "enchantments": {"dependencies": {"modified": "2019-01-16T20:06:29", "references": [{"idList": ["DEBIAN:DSA-1318-1:D6CCC", "DEBIAN:DSA-813-1:20C31", "DEBIAN:DSA-769-1:7FD30"], "type": "debian"}, {"idList": ["DEBIAN_DSA-769.NASL", "GENTOO_GLSA-200508-06.NASL", "MANDRAKE_MDKSA-2005-139.NASL", "REDHAT-RHSA-2005-589.NASL", "FREEBSD_PKG_09DB28440B2111DABC080001020EED82.NASL", "SLACKWARE_SSA_2005-242-03.NASL", "REDHAT-RHSA-2005-627.NASL", "FREEBSD_PKG_6D1761D20B2311DABC080001020EED82.NASL", "CENTOS_RHSA-2005-627.NASL", "DEBIAN_DSA-813.NASL"], "type": "nessus"}, {"idList": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "type": "cve"}, {"idList": ["GLSA-200508-06"], "type": "gentoo"}, {"idList": ["09DB2844-0B21-11DA-BC08-0001020EED82", "6D1761D2-0B23-11DA-BC08-0001020EED82", "3B4A6982-0B24-11DA-BC08-0001020EED82"], "type": "freebsd"}, {"idList": ["OSVDB:18669", "OSVDB:18668", "OSVDB:18126"], "type": "osvdb"}, {"idList": ["USN-168-1", "USN-162-1"], "type": "ubuntu"}, {"idList": ["OPENVAS:55343", "OPENVAS:55043", "OPENVAS:58424", "OPENVAS:55187", "OPENVAS:55060", "OPENVAS:136141256231055187", "OPENVAS:54455", "OPENVAS:55044", "OPENVAS:55045"], "type": "openvas"}, {"idList": ["CESA-2005:589-01", "CESA-2005:639", "CESA-2005:627"], "type": "centos"}, {"idList": ["RHSA-2005:589", "RHSA-2005:627"], "type": "redhat"}, {"idList": ["SECURITYVULNS:DOC:9723"], "type": "securityvulns"}, {"idList": ["SSA-2005-251-03", "SSA-2005-242-03"], "type": "slackware"}]}, "score": {"value": 7.5, "vector": "NONE"}}, "hash": "26945ddd9ebe14d622eebcbbc6e7ef243bcb44117789accdedb03f94bc3eed3f", "hashmap": [{"hash": "5def28318542b833394bb196f5312b60", "key": "cvelist"}, {"hash": "a15fe4091394770701d1b830c7b3dfd2", "key": "sourceData"}, {"hash": "e2914120514a29eeccc01e381df164d8", "key": "modified"}, {"hash": "700fac9dc13892ff030fa5cf4d891494", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "51f6f8bb60533faccaf9964766bf4117", "key": "title"}, {"hash": "d0a161de269faf0b3cf3efa18918066d", "key": "cpe"}, {"hash": "575770113bb5f93b2906ef8917facca4", "key": "pluginID"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "8a96d8d6e565c1bd06e216985d146bba", "key": "published"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "3ea495319d2ba146a209aaeb70b152c8", "key": "href"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=20574", "id": "UBUNTU_USN-168-1.NASL", "lastseen": "2019-01-16T20:06:29", "modified": "2018-07-19T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.3", "pluginID": "20574", "published": "2006-01-15T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-168-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(20574);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/07/19 23:44:03\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\", \"CVE-2005-2370\");\n script_bugtraq_id(14531);\n script_xref(name:\"USN\", value:\"168-1\");\n\n script_name(english:\"Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Daniel Atallah discovered a Denial of Service vulnerability in the\nfile transfer handler of OSCAR (the module that handles various\ninstant messaging protocols like ICQ). A remote attacker could crash\nthe Gaim client of an user by attempting to send him a file with a\nname that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer\noverflow. A remote attacker could exploit this to crash the Gaim\nclient or possibly even execute arbitrary code with the permissions of\nthe Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory\nalignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable\ncode. By sending specially crafted messages over the Gadu protocol, a\nremote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gaim, gaim-data and / or gaim-dev packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:4.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2005-2018 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(4\\.10|5\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 4.10 / 5.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"4.10\", pkgname:\"gaim\", pkgver:\"1.0.0-1ubuntu1.8\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-data\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-dev\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gaim / gaim-data / gaim-dev\");\n}\n", "title": "Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)", "type": "nessus", "viewCount": 1}, "differentElements": ["description"], "edition": 6, "lastseen": "2019-01-16T20:06:29"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:gaim-dev", "p-cpe:/a:canonical:ubuntu_linux:gaim-data", "cpe:/o:canonical:ubuntu_linux:5.04", "cpe:/o:canonical:ubuntu_linux:4.10", "p-cpe:/a:canonical:ubuntu_linux:gaim"], "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Daniel Atallah discovered a Denial of Service vulnerability in the file transfer handler of OSCAR (the module that handles various instant messaging protocols like ICQ). A remote attacker could crash the Gaim client of an user by attempting to send him a file with a name that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer overflow. A remote attacker could exploit this to crash the Gaim client or possibly even execute arbitrary code with the permissions of the Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable code. By sending specially crafted messages over the Gadu protocol, a remote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "cdee3d6a645c3224c764563df5a90cb1098cf3cacf8c2d63b7b0dadcbec6a71f", "hashmap": [{"hash": "5def28318542b833394bb196f5312b60", "key": "cvelist"}, {"hash": "9ebbba4f7dfab58e7c57c9df7b54d577", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "9f645ae040f3a911c83effe8f4cefb6e", "key": "sourceData"}, {"hash": "51f6f8bb60533faccaf9964766bf4117", "key": "title"}, {"hash": "d0a161de269faf0b3cf3efa18918066d", "key": "cpe"}, {"hash": "575770113bb5f93b2906ef8917facca4", "key": "pluginID"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "8a96d8d6e565c1bd06e216985d146bba", "key": "published"}, {"hash": "f5f9e526f94b59bbc9026f5b07b6ef78", "key": "modified"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "3ea495319d2ba146a209aaeb70b152c8", "key": "href"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=20574", "id": "UBUNTU_USN-168-1.NASL", "lastseen": "2017-10-29T13:36:19", "modified": "2016-05-27T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.3", "pluginID": "20574", "published": "2006-01-15T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-168-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(20574);\n script_version(\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2016/05/27 14:21:16 $\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\", \"CVE-2005-2370\");\n script_bugtraq_id(14531);\n script_xref(name:\"USN\", value:\"168-1\");\n\n script_name(english:\"Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Daniel Atallah discovered a Denial of Service vulnerability in the\nfile transfer handler of OSCAR (the module that handles various\ninstant messaging protocols like ICQ). A remote attacker could crash\nthe Gaim client of an user by attempting to send him a file with a\nname that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer\noverflow. A remote attacker could exploit this to crash the Gaim\nclient or possibly even execute arbitrary code with the permissions of\nthe Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory\nalignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable\ncode. By sending specially crafted messages over the Gadu protocol, a\nremote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gaim, gaim-data and / or gaim-dev packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:4.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2005-2016 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(4\\.10|5\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 4.10 / 5.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"4.10\", pkgname:\"gaim\", pkgver:\"1.0.0-1ubuntu1.8\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-data\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-dev\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gaim / gaim-data / gaim-dev\");\n}\n", "title": "Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:36:19"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:gaim-dev", "p-cpe:/a:canonical:ubuntu_linux:gaim-data", "cpe:/o:canonical:ubuntu_linux:5.04", "cpe:/o:canonical:ubuntu_linux:4.10", "p-cpe:/a:canonical:ubuntu_linux:gaim"], "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Daniel Atallah discovered a Denial of Service vulnerability in the file transfer handler of OSCAR (the module that handles various instant messaging protocols like ICQ). A remote attacker could crash the Gaim client of an user by attempting to send him a file with a name that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer overflow. A remote attacker could exploit this to crash the Gaim client or possibly even execute arbitrary code with the permissions of the Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable code. By sending specially crafted messages over the Gadu protocol, a remote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 5, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "a0d1e360d354e39e687f7c0df5a83c683785637a5fbcd094ff6614ff27207903", "hashmap": [{"hash": "5def28318542b833394bb196f5312b60", "key": "cvelist"}, {"hash": "9ebbba4f7dfab58e7c57c9df7b54d577", "key": "description"}, {"hash": "a15fe4091394770701d1b830c7b3dfd2", "key": "sourceData"}, {"hash": "e2914120514a29eeccc01e381df164d8", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "51f6f8bb60533faccaf9964766bf4117", "key": "title"}, {"hash": "d0a161de269faf0b3cf3efa18918066d", "key": "cpe"}, {"hash": "575770113bb5f93b2906ef8917facca4", "key": "pluginID"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "8a96d8d6e565c1bd06e216985d146bba", "key": "published"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "3ea495319d2ba146a209aaeb70b152c8", "key": "href"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=20574", "id": "UBUNTU_USN-168-1.NASL", "lastseen": "2018-09-01T23:40:50", "modified": "2018-07-19T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.3", "pluginID": "20574", "published": "2006-01-15T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-168-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(20574);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/07/19 23:44:03\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\", \"CVE-2005-2370\");\n script_bugtraq_id(14531);\n script_xref(name:\"USN\", value:\"168-1\");\n\n script_name(english:\"Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Daniel Atallah discovered a Denial of Service vulnerability in the\nfile transfer handler of OSCAR (the module that handles various\ninstant messaging protocols like ICQ). A remote attacker could crash\nthe Gaim client of an user by attempting to send him a file with a\nname that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer\noverflow. A remote attacker could exploit this to crash the Gaim\nclient or possibly even execute arbitrary code with the permissions of\nthe Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory\nalignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable\ncode. By sending specially crafted messages over the Gadu protocol, a\nremote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gaim, gaim-data and / or gaim-dev packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:4.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2005-2018 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(4\\.10|5\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 4.10 / 5.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"4.10\", pkgname:\"gaim\", pkgver:\"1.0.0-1ubuntu1.8\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-data\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-dev\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gaim / gaim-data / gaim-dev\");\n}\n", "title": "Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["description"], "edition": 5, "lastseen": "2018-09-01T23:40:50"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:gaim-dev", "p-cpe:/a:canonical:ubuntu_linux:gaim-data", "cpe:/o:canonical:ubuntu_linux:5.04", "cpe:/o:canonical:ubuntu_linux:4.10", "p-cpe:/a:canonical:ubuntu_linux:gaim"], "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Daniel Atallah discovered a Denial of Service vulnerability in the file transfer handler of OSCAR (the module that handles various instant messaging protocols like ICQ). A remote attacker could crash the Gaim client of an user by attempting to send him a file with a name that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer overflow. A remote attacker could exploit this to crash the Gaim client or possibly even execute arbitrary code with the permissions of the Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable code. By sending specially crafted messages over the Gadu protocol, a remote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 4, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "60453a99260e97217d2dda430d498212efab47976cd18cac218d1b4844cb8ce6", "hashmap": [{"hash": "5def28318542b833394bb196f5312b60", "key": "cvelist"}, {"hash": "9ebbba4f7dfab58e7c57c9df7b54d577", "key": "description"}, {"hash": "a15fe4091394770701d1b830c7b3dfd2", "key": "sourceData"}, {"hash": "e2914120514a29eeccc01e381df164d8", "key": "modified"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "51f6f8bb60533faccaf9964766bf4117", "key": "title"}, {"hash": "d0a161de269faf0b3cf3efa18918066d", "key": "cpe"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "575770113bb5f93b2906ef8917facca4", "key": "pluginID"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "8a96d8d6e565c1bd06e216985d146bba", "key": "published"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "3ea495319d2ba146a209aaeb70b152c8", "key": "href"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=20574", "id": "UBUNTU_USN-168-1.NASL", "lastseen": "2018-08-30T19:36:05", "modified": "2018-07-19T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.3", "pluginID": "20574", "published": "2006-01-15T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-168-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(20574);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/07/19 23:44:03\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\", \"CVE-2005-2370\");\n script_bugtraq_id(14531);\n script_xref(name:\"USN\", value:\"168-1\");\n\n script_name(english:\"Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Daniel Atallah discovered a Denial of Service vulnerability in the\nfile transfer handler of OSCAR (the module that handles various\ninstant messaging protocols like ICQ). A remote attacker could crash\nthe Gaim client of an user by attempting to send him a file with a\nname that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer\noverflow. A remote attacker could exploit this to crash the Gaim\nclient or possibly even execute arbitrary code with the permissions of\nthe Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory\nalignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable\ncode. By sending specially crafted messages over the Gadu protocol, a\nremote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gaim, gaim-data and / or gaim-dev packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:4.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2005-2018 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(4\\.10|5\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 4.10 / 5.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"4.10\", pkgname:\"gaim\", pkgver:\"1.0.0-1ubuntu1.8\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-data\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-dev\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gaim / gaim-data / gaim-dev\");\n}\n", "title": "Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:36:05"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2005-2370", "CVE-2005-2103", "CVE-2005-2102"], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Daniel Atallah discovered a Denial of Service vulnerability in the file transfer handler of OSCAR (the module that handles various instant messaging protocols like ICQ). A remote attacker could crash the Gaim client of an user by attempting to send him a file with a name that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer overflow. A remote attacker could exploit this to crash the Gaim client or possibly even execute arbitrary code with the permissions of the Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable code. By sending specially crafted messages over the Gadu protocol, a remote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 1, "enchantments": {}, "hash": "bb86da3d4151dd6ebaae62c10eb69582b082c617cb9152c1e6afc84af456ab5d", "hashmap": [{"hash": "5def28318542b833394bb196f5312b60", "key": "cvelist"}, {"hash": "9ebbba4f7dfab58e7c57c9df7b54d577", "key": "description"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "e5d275b3ebd62646b78320753699e02e", "key": "cvss"}, {"hash": "9f645ae040f3a911c83effe8f4cefb6e", "key": "sourceData"}, {"hash": "51f6f8bb60533faccaf9964766bf4117", "key": "title"}, {"hash": "575770113bb5f93b2906ef8917facca4", "key": "pluginID"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "8a96d8d6e565c1bd06e216985d146bba", "key": "published"}, {"hash": "f5f9e526f94b59bbc9026f5b07b6ef78", "key": "modified"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "3ea495319d2ba146a209aaeb70b152c8", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=20574", "id": "UBUNTU_USN-168-1.NASL", "lastseen": "2016-09-26T17:24:03", "modified": "2016-05-27T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.2", "pluginID": "20574", "published": "2006-01-15T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-168-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(20574);\n script_version(\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2016/05/27 14:21:16 $\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\", \"CVE-2005-2370\");\n script_bugtraq_id(14531);\n script_xref(name:\"USN\", value:\"168-1\");\n\n script_name(english:\"Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Daniel Atallah discovered a Denial of Service vulnerability in the\nfile transfer handler of OSCAR (the module that handles various\ninstant messaging protocols like ICQ). A remote attacker could crash\nthe Gaim client of an user by attempting to send him a file with a\nname that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer\noverflow. A remote attacker could exploit this to crash the Gaim\nclient or possibly even execute arbitrary code with the permissions of\nthe Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory\nalignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable\ncode. By sending specially crafted messages over the Gadu protocol, a\nremote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gaim, gaim-data and / or gaim-dev packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:4.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2005-2016 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(4\\.10|5\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 4.10 / 5.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"4.10\", pkgname:\"gaim\", pkgver:\"1.0.0-1ubuntu1.8\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-data\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-dev\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gaim / gaim-data / gaim-dev\");\n}\n", "title": "Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:24:03"}], "edition": 7, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "d0a161de269faf0b3cf3efa18918066d"}, {"key": "cvelist", "hash": "5def28318542b833394bb196f5312b60"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "9ebbba4f7dfab58e7c57c9df7b54d577"}, {"key": "href", "hash": "3ea495319d2ba146a209aaeb70b152c8"}, {"key": "modified", "hash": "e2914120514a29eeccc01e381df164d8"}, {"key": "naslFamily", "hash": "c9b7d00377a789a14c9bb9dab6c7168c"}, {"key": "pluginID", "hash": "575770113bb5f93b2906ef8917facca4"}, {"key": "published", "hash": "8a96d8d6e565c1bd06e216985d146bba"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "a15fe4091394770701d1b830c7b3dfd2"}, {"key": "title", "hash": "51f6f8bb60533faccaf9964766bf4117"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "a0d1e360d354e39e687f7c0df5a83c683785637a5fbcd094ff6614ff27207903", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-2102", "CVE-2005-2103", "CVE-2005-2370"]}, {"type": "openvas", "idList": ["OPENVAS:55187", "OPENVAS:136141256231055187", "OPENVAS:55060", "OPENVAS:55044", "OPENVAS:55045", "OPENVAS:54455", "OPENVAS:55343", "OPENVAS:58424", "OPENVAS:55043"]}, {"type": "centos", "idList": ["CESA-2005:627", "CESA-2005:589-01", "CESA-2005:639"]}, {"type": "ubuntu", "idList": ["USN-168-1", "USN-162-1"]}, {"type": "nessus", "idList": ["MANDRAKE_MDKSA-2005-139.NASL", "REDHAT-RHSA-2005-627.NASL", "SLACKWARE_SSA_2005-242-03.NASL", "CENTOS_RHSA-2005-627.NASL", "GENTOO_GLSA-200508-06.NASL", "FREEBSD_PKG_09DB28440B2111DABC080001020EED82.NASL", "REDHAT-RHSA-2005-589.NASL", "FREEBSD_PKG_6D1761D20B2311DABC080001020EED82.NASL", "DEBIAN_DSA-769.NASL", "DEBIAN_DSA-813.NASL"]}, {"type": "slackware", "idList": ["SSA-2005-242-03", "SSA-2005-251-03"]}, {"type": "redhat", "idList": ["RHSA-2005:627", "RHSA-2005:589"]}, {"type": "gentoo", "idList": ["GLSA-200508-06"]}, {"type": "freebsd", "idList": ["09DB2844-0B21-11DA-BC08-0001020EED82", "6D1761D2-0B23-11DA-BC08-0001020EED82", "3B4A6982-0B24-11DA-BC08-0001020EED82"]}, {"type": "osvdb", "idList": ["OSVDB:18669", "OSVDB:18668", "OSVDB:18126"]}, {"type": "debian", "idList": ["DEBIAN:DSA-769-1:7FD30", "DEBIAN:DSA-813-1:20C31", "DEBIAN:DSA-1318-1:D6CCC"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:9723"]}], "modified": "2019-02-21T01:08:56"}, "score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-168-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(20574);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/07/19 23:44:03\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\", \"CVE-2005-2370\");\n script_bugtraq_id(14531);\n script_xref(name:\"USN\", value:\"168-1\");\n\n script_name(english:\"Ubuntu 4.10 / 5.04 : gaim vulnerabilities (USN-168-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Daniel Atallah discovered a Denial of Service vulnerability in the\nfile transfer handler of OSCAR (the module that handles various\ninstant messaging protocols like ICQ). A remote attacker could crash\nthe Gaim client of an user by attempting to send him a file with a\nname that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted 'away' messages triggered a buffer\noverflow. A remote attacker could exploit this to crash the Gaim\nclient or possibly even execute arbitrary code with the permissions of\nthe Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory\nalignment error in the Gadu library, which was fixed in USN-162-1.\nHowever, it was discovered that Gaim contains a copy of the vulnerable\ncode. By sending specially crafted messages over the Gadu protocol, a\nremote attacker could crash Gaim. (CAN-2005-2370).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gaim, gaim-data and / or gaim-dev packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gaim-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:4.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:5.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/01/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2005-2018 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(4\\.10|5\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 4.10 / 5.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"4.10\", pkgname:\"gaim\", pkgver:\"1.0.0-1ubuntu1.8\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-data\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\nif (ubuntu_check(osver:\"5.04\", pkgname:\"gaim-dev\", pkgver:\"1.1.4-1ubuntu4.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gaim / gaim-data / gaim-dev\");\n}\n", "naslFamily": "Ubuntu Local Security Checks", "pluginID": "20574", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:gaim-dev", "p-cpe:/a:canonical:ubuntu_linux:gaim-data", "cpe:/o:canonical:ubuntu_linux:5.04", "cpe:/o:canonical:ubuntu_linux:4.10", "p-cpe:/a:canonical:ubuntu_linux:gaim"], "scheme": null}

{"cve": [{"lastseen": "2018-10-20T11:06:10", "bulletinFamily": "NVD", "description": "The AIM/ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) via a filename that contains invalid UTF-8 characters.", "modified": "2018-10-19T11:32:33", "published": "2005-08-16T00:00:00", "id": "CVE-2005-2102", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2102", "title": "CVE-2005-2102", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-20T11:06:10", "bulletinFamily": "NVD", "description": "Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a large number of AIM substitution strings, such as %t or %n.", "modified": "2018-10-19T11:32:34", "published": "2005-08-16T00:00:00", "id": "CVE-2005-2103", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2103", "title": "CVE-2005-2103", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-20T11:06:10", "bulletinFamily": "NVD", "description": "Multiple \"memory alignment errors\" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message.", "modified": "2018-10-19T11:32:45", "published": "2005-07-26T00:00:00", "id": "CVE-2005-2370", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2370", "title": "CVE-2005-2370", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-12-11T17:41:53", "bulletinFamily": "unix", "description": "Gaim is an Internet Messaging client.\r\n\r\nA heap based buffer overflow issue was discovered in the way Gaim processes\r\naway messages. A remote attacker could send a specially crafted away\r\nmessage to a Gaim user logged into AIM or ICQ that could result in\r\narbitrary code execution. The Common Vulnerabilities and Exposures project\r\n(cve.mitre.org) has assigned the name CAN-2005-2103 to this issue.\r\n\r\nDaniel Atallah discovered a denial of service issue in Gaim. A remote\r\nattacker could attempt to upload a file with a specially crafted name to a\r\nuser logged into AIM or ICQ, causing Gaim to crash. The Common\r\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\r\nCAN-2005-2102 to this issue.\r\n\r\nA denial of service bug was found in Gaim's Gadu Gadu protocol handler. A\r\nremote attacker could send a specially crafted message to a Gaim user\r\nlogged into Gadu Gadu, causing Gaim to crash. Please note that this issue\r\nonly affects PPC and IBM S/390 systems running Gaim. The Common\r\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\r\nCAN-2005-2370 to this issue.\r\n\r\nUsers of gaim are advised to upgrade to this updated package, which\r\ncontains backported patches and is not vulnerable to these issues.", "modified": "2017-09-08T11:58:31", "published": "2005-08-09T04:00:00", "id": "RHSA-2005:627", "href": "https://access.redhat.com/errata/RHSA-2005:627", "type": "redhat", "title": "(RHSA-2005:627) gaim security update", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-12-11T17:42:59", "bulletinFamily": "unix", "description": "Gaim is an Internet Instant Messaging client.\r\n\r\nA heap based buffer overflow issue was discovered in the way Gaim processes\r\naway messages. A remote attacker could send a specially crafted away\r\nmessage to a Gaim user logged into AIM or ICQ which could result in\r\narbitrary code execution. The Common Vulnerabilities and Exposures project\r\n(cve.mitre.org) has assigned the name CAN-2005-2103 to this issue.\r\n\r\nUsers of gaim are advised to upgrade to this updated package, which\r\ncontains backported patches and is not vulnerable to this issue.", "modified": "2018-03-14T19:26:43", "published": "2005-08-09T04:00:00", "id": "RHSA-2005:589", "href": "https://access.redhat.com/errata/RHSA-2005:589", "type": "redhat", "title": "(RHSA-2005:589) gaim security update", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2019-04-14T06:59:14", "bulletinFamily": "unix", "description": "Daniel Atallah discovered a Denial of Service vulnerability in the file transfer handler of OSCAR (the module that handles various instant messaging protocols like ICQ). A remote attacker could crash the Gaim client of an user by attempting to send him a file with a name that contains invalid UTF-8 characters. (CAN-2005-2102)\n\nIt was found that specially crafted \u201caway\u201d messages triggered a buffer overflow. A remote attacker could exploit this to crash the Gaim client or possibly even execute arbitrary code with the permissions of the Gaim user. (CAN-2005-2103)\n\nSzymon Zygmunt and Micha\u00c5\u201a Bartoszkiewicz discovered a memory alignment error in the Gadu library, which was fixed in USN-162-1. However, it was discovered that Gaim contains a copy of the vulnerable code. By sending specially crafted messages over the Gadu protocol, a remote attacker could crash Gaim. (CAN-2005-2370)", "modified": "2005-08-12T00:00:00", "published": "2005-08-12T00:00:00", "id": "USN-168-1", "href": "https://usn.ubuntu.com/168-1/", "title": "Gaim vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T00:08:54", "bulletinFamily": "unix", "description": "Marcin Owsiany and Wojtek Kaniewski discovered that some contributed scripts (contrib/ekgh, contrib/ekgnv.sh, and contrib/getekg.sh) in the ekg package created temporary files in an insecure way, which allowed exploitation of a race condition to create or overwrite files with the privileges of the user invoking the script. (CAN-2005-1850)\n\nMarcin Owsiany and Wojtek Kaniewski discovered a shell command injection vulnerability in a contributed utility (contrib/scripts/ekgbot-pre1.py). By sending specially crafted content to the bot, an attacker could exploit this to execute arbitrary code with the privileges of the user running ekgbot. (CAN-2005-1851)\n\nMarcin \u015alusarz discovered an integer overflow in the Gadu library. By sending a specially crafted incoming message, a remote attacker could execute arbitrary code with the privileges of the application using libgadu. (CAN-2005-1852)\n\nEric Romang discovered that another contributed script (contrib/scripts/linki.py) created temporary files in an insecure way, which allowed exploitation of a race condition to create or overwrite files with the privileges of the user invoking the script. (CAN-2005-1916)\n\nGrzegorz Ja\u015bkiewicz discovered several integer overflows in the Gadu library. A remote attacker could exploit this to crash the Gadu client application or even execute arbitrary code with the privileges of the user by sending specially crafted messages. (CAN-2005-2369)\n\nSzymon Zygmunt and Micha\u0142 Bartoszkiewicz discovered a memory alignment error in the Gadu library. By sending specially crafted messages, a remote attacker could crash the application using the library. (CAN-2005-2370)\n\nMarcin \u015alusarz discovered that the Gadu library did not properly handle endianess conversion in some cases. This caused invalid behavior on big endian architectures. The only affected supported architecture is powerpc. (CAN-2005-2448)", "modified": "2005-08-09T00:00:00", "published": "2005-08-09T00:00:00", "id": "USN-162-1", "href": "https://usn.ubuntu.com/162-1/", "title": "ekg and Gadu library vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:25:28", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2005:627\n\n\nGaim is an Internet Messaging client.\r\n\r\nA heap based buffer overflow issue was discovered in the way Gaim processes\r\naway messages. A remote attacker could send a specially crafted away\r\nmessage to a Gaim user logged into AIM or ICQ that could result in\r\narbitrary code execution. The Common Vulnerabilities and Exposures project\r\n(cve.mitre.org) has assigned the name CAN-2005-2103 to this issue.\r\n\r\nDaniel Atallah discovered a denial of service issue in Gaim. A remote\r\nattacker could attempt to upload a file with a specially crafted name to a\r\nuser logged into AIM or ICQ, causing Gaim to crash. The Common\r\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\r\nCAN-2005-2102 to this issue.\r\n\r\nA denial of service bug was found in Gaim's Gadu Gadu protocol handler. A\r\nremote attacker could send a specially crafted message to a Gaim user\r\nlogged into Gadu Gadu, causing Gaim to crash. Please note that this issue\r\nonly affects PPC and IBM S/390 systems running Gaim. The Common\r\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\r\nCAN-2005-2370 to this issue.\r\n\r\nUsers of gaim are advised to upgrade to this updated package, which\r\ncontains backported patches and is not vulnerable to these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012035.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012036.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012047.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012048.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012049.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012050.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012051.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012052.html\n\n**Affected packages:**\ngaim\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2005-627.html", "modified": "2005-08-10T18:22:04", "published": "2005-08-10T08:32:46", "href": "http://lists.centos.org/pipermail/centos-announce/2005-August/012035.html", "id": "CESA-2005:627", "title": "gaim security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-25T19:02:37", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2005:589-01\n\n\nGaim is an Internet Instant Messaging client.\r\n\r\nA heap based buffer overflow issue was discovered in the way Gaim processes\r\naway messages. A remote attacker could send a specially crafted away\r\nmessage to a Gaim user logged into AIM or ICQ which could result in\r\narbitrary code execution. The Common Vulnerabilities and Exposures project\r\n(cve.mitre.org) has assigned the name CAN-2005-2103 to this issue.\r\n\r\nUsers of gaim are advised to upgrade to this updated package, which\r\ncontains backported patches and is not vulnerable to this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-August/012030.html\n\n**Affected packages:**\ngaim\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "modified": "2005-08-10T04:28:39", "published": "2005-08-10T04:28:39", "href": "http://lists.centos.org/pipermail/centos-announce/2005-August/012030.html", "id": "CESA-2005:589-01", "title": "gaim security update", "type": "centos", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-24T12:50:32", "bulletinFamily": "scanner", "description": "The remote host is missing an update as announced\nvia advisory SSA:2005-242-03.", "modified": "2017-07-07T00:00:00", "published": "2012-09-11T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=55187", "id": "OPENVAS:55187", "title": "Slackware Advisory SSA:2005-242-03 gaim", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2005_242_03.nasl 6598 2017-07-07 09:36:44Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1,\nand -current to fix some security issues. including:\n\nAIM/ICQ away message buffer overflow\nAIM/ICQ non-UTF-8 filename crash\nGadu-Gadu memory alignment bug\n\nSites that use GAIM should upgrade to the new version.\n\nMore details about these issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2005-242-03.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2005-242-03\";\n \nif(description)\n{\n script_id(55187);\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:36:44 +0200 (Fri, 07 Jul 2017) $\");\n script_cve_id(\"CVE-2005-2103\", \"CVE-2005-2102\", \"CVE-2005-2370\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 6598 $\");\n name = \"Slackware Advisory SSA:2005-242-03 gaim \";\n script_name(name);\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"gaim\", ver:\"1.5.0-i386-1\", rls:\"SLK9.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"gaim\", ver:\"1.5.0-i486-1\", rls:\"SLK9.1\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"gaim\", ver:\"1.5.0-i486-1\", rls:\"SLK10.0\")) {\n vuln = 1;\n}\nif(isslkpkgvuln(pkg:\"gaim\", ver:\"1.5.0-i486-1\", rls:\"SLK10.1\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-03-18T14:40:41", "bulletinFamily": "scanner", "description": "The remote host is missing an update as announced\nvia advisory SSA:2005-242-03.", "modified": "2019-03-15T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:136141256231055187", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231055187", "title": "Slackware Advisory SSA:2005-242-03 gaim", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2005_242_03.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.55187\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2005-2103\", \"CVE-2005-2102\", \"CVE-2005-2370\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2005-242-03 gaim\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(9\\.0|9\\.1|10\\.0|10\\.1)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2005-242-03\");\n\n script_tag(name:\"insight\", value:\"New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1,\nand -current to fix some security issues. including:\n\nAIM/ICQ away message buffer overflow\nAIM/ICQ non-UTF-8 filename crash\nGadu-Gadu memory alignment bug\n\nSites that use GAIM should upgrade to the new version.\n\nMore details about these issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2005-242-03.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"gaim\", ver:\"1.5.0-i386-1\", rls:\"SLK9.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"gaim\", ver:\"1.5.0-i486-1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"gaim\", ver:\"1.5.0-i486-1\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"gaim\", ver:\"1.5.0-i486-1\", rls:\"SLK10.1\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:24", "bulletinFamily": "scanner", "description": "The remote host is missing updates announced in\nadvisory GLSA 200508-06.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=55060", "id": "OPENVAS:55060", "title": "Gentoo Security Advisory GLSA 200508-06 (Gaim)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Gaim is vulnerable to a buffer overflow which could lead to the execution\nof arbitrary code or to a Denial of Service.\";\ntag_solution = \"All Gaim users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-im/gaim-1.5.0'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200508-06\nhttp://bugs.gentoo.org/show_bug.cgi?id=102000\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200508-06.\";\n\n \n\nif(description)\n{\n script_id(55060);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200508-06 (Gaim)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-im/gaim\", unaffected: make_list(\"ge 1.5.0\"), vulnerable: make_list(\"lt 1.5.0\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:11", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-19T00:00:00", "published": "2008-09-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=55044", "id": "OPENVAS:55044", "title": "FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim", "type": "openvas", "sourceData": "#\n#VID 09db2844-0b21-11da-bc08-0001020eed82\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n gaim\n ja-gaim\n ko-gaim\n ru-gaim\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://gaim.sourceforge.net/security/?id=21\nhttp://www.vuxml.org/freebsd/09db2844-0b21-11da-bc08-0001020eed82.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(55044);\n script_version(\"$Revision: 4112 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-19 15:17:59 +0200 (Mon, 19 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_bugtraq_id(14531);\n script_cve_id(\"CVE-2005-2102\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"gaim\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.0_1\")<0) {\n txt += 'Package gaim version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ja-gaim\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.0_1\")<0) {\n txt += 'Package ja-gaim version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ko-gaim\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.0_1\")<0) {\n txt += 'Package ko-gaim version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ru-gaim\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.0_1\")<0) {\n txt += 'Package ru-gaim version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:27", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-19T00:00:00", "published": "2008-09-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=55045", "id": "OPENVAS:55045", "title": "FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim", "type": "openvas", "sourceData": "#\n#VID 6d1761d2-0b23-11da-bc08-0001020eed82\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n gaim\n ja-gaim\n ko-gaim\n ru-gaim\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://gaim.sourceforge.net/security/?id=22\nhttp://www.vuxml.org/freebsd/6d1761d2-0b23-11da-bc08-0001020eed82.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(55045);\n script_version(\"$Revision: 4112 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-19 15:17:59 +0200 (Mon, 19 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_bugtraq_id(14531);\n script_cve_id(\"CVE-2005-2103\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"gaim\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.0_1\")<0) {\n txt += 'Package gaim version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ja-gaim\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.0_1\")<0) {\n txt += 'Package ja-gaim version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ko-gaim\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.0_1\")<0) {\n txt += 'Package ko-gaim version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ru-gaim\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.0_1\")<0) {\n txt += 'Package ru-gaim version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:01", "bulletinFamily": "scanner", "description": "The remote host is missing an update to gaim\nannounced via advisory DSA 769-1.\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment\nerror in libgadu (from ekg, console Gadu Gadu client, an instant\nmessaging program) which is included in gaim, a multi-protocol instant\nmessaging client, as well. This can not be exploited on the x86\narchitecture but on others, e.g. on Sparc and lead to a bus error,\nin other words a denial of service.\n\nThe old stable distribution (woody) does not seem to be affected by\nthis problem.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=54455", "id": "OPENVAS:54455", "title": "Debian Security Advisory DSA 769-1 (gaim)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_769_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 769-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) this problem has been fixed in\nversion 1.2.1-1.4.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you upgrade your gaim package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20769-1\";\ntag_summary = \"The remote host is missing an update to gaim\nannounced via advisory DSA 769-1.\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment\nerror in libgadu (from ekg, console Gadu Gadu client, an instant\nmessaging program) which is included in gaim, a multi-protocol instant\nmessaging client, as well. This can not be exploited on the x86\narchitecture but on others, e.g. on Sparc and lead to a bus error,\nin other words a denial of service.\n\nThe old stable distribution (woody) does not seem to be affected by\nthis problem.\";\n\n\nif(description)\n{\n script_id(54455);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:00:53 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2005-2370\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security Advisory DSA 769-1 (gaim)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"gaim-data\", ver:\"1.2.1-1.4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gaim\", ver:\"1.2.1-1.4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"gaim-dev\", ver:\"1.2.1-1.4\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:04", "bulletinFamily": "scanner", "description": "The remote host is missing an update to centericq\nannounced via advisory DSA 813-1.\n\nSeveral problems have been discovered in libgadu which is also part of\ncentericq, a text-mode multi-protocol instant messenger client. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems:\n\nCVE-2005-2369\nMultiple integer signedness errors may allow remote attackers to\ncause a denial of service or execute arbitrary code.\n\nCVE-2005-2370\nMemory alignment errors may allows remote attackers to cause a\ndenial of service on certain architectures such as sparc.\n\nCVE-2005-2448\nSeveral endianness errors may allow remote attackers to cause a\ndenial of service.\n\nThe old stable distribution (woody) is not affected by these problems.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=55343", "id": "OPENVAS:55343", "title": "Debian Security Advisory DSA 813-1 (centericq)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_813_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 813-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge) these problems have been fixed in\nversion 4.20.0-1sarge2.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 4.20.0-9.\n\nWe recommend that you upgrade your centericq package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20813-1\";\ntag_summary = \"The remote host is missing an update to centericq\nannounced via advisory DSA 813-1.\n\nSeveral problems have been discovered in libgadu which is also part of\ncentericq, a text-mode multi-protocol instant messenger client. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems:\n\nCVE-2005-2369\nMultiple integer signedness errors may allow remote attackers to\ncause a denial of service or execute arbitrary code.\n\nCVE-2005-2370\nMemory alignment errors may allows remote attackers to cause a\ndenial of service on certain architectures such as sparc.\n\nCVE-2005-2448\nSeveral endianness errors may allow remote attackers to cause a\ndenial of service.\n\nThe old stable distribution (woody) is not affected by these problems.\";\n\n\nif(description)\n{\n script_id(55343);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:03:37 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2005-2369\", \"CVE-2005-2370\", \"CVE-2005-2448\");\n script_bugtraq_id(14415);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 813-1 (centericq)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"centericq\", ver:\"4.20.0-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"centericq-common\", ver:\"4.20.0-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"centericq-fribidi\", ver:\"4.20.0-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"centericq-utf8\", ver:\"4.20.0-1sarge2\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:20", "bulletinFamily": "scanner", "description": "The remote host is missing an update to ekg\nannounced via advisory DSA 1318-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=58424", "id": "OPENVAS:58424", "title": "Debian Security Advisory DSA 1318-1 (ekg)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1318_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1318-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several remote vulnerabilities have been discovered in ekg, a console\nGadu Gadu client. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2005-2370\n\nIt was discovered that memory alignment errors may allow remote\nattackers to cause a denial of service on certain architectures\nsuch as sparc. This only affects Debian Sarge.\n\nCVE-2005-2448\n\nIt was discovered that several endianness errors may allow remote\nattackers to cause a denial of service. This only affects\nDebian Sarge.\n\nCVE-2007-1663\n\nIt was discovered that a memory leak in handling image messages may\nlead to denial of service. This only affects Debian Etch.\n\nCVE-2007-1664\n\nIt was discovered that a null pointer deference in the token OCR code\nmay lead to denial of service. This only affects Debian Etch.\n\nCVE-2007-1665\n\nIt was discovered that a memory leak in the token OCR code may lead\nto denial of service. This only affects Debian Etch.\n\nFor the oldstable distribution (sarge) these problems have been fixed in\nversion 1.5+20050411-7. This updates lacks updated packages for the m68k\narchitecture. They will be provided later.\n\nFor the stable distribution (etch) these problems have been fixed\nin version 1:1.7~rc2-1etch1.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1:1.7~rc2-2.\n\nWe recommend that you upgrade your ekg packages.\";\ntag_summary = \"The remote host is missing an update to ekg\nannounced via advisory DSA 1318-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201318-1\";\n\nif(description)\n{\n script_id(58424);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:19:52 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2005-2370\", \"CVE-2005-2448\", \"CVE-2007-1663\", \"CVE-2007-1664\", \"CVE-2007-1665\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security Advisory DSA 1318-1 (ekg)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"ekg\", ver:\"1.5+20050411-7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgadu-dev\", ver:\"1.5+20050411-7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgadu3\", ver:\"1.5+20050411-7\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ekg\", ver:\"1.7~rc2-1etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgadu-dev\", ver:\"1.7~rc2-1etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libgadu3\", ver:\"1.7~rc2-1etch1\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:10:21", "bulletinFamily": "scanner", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-19T00:00:00", "published": "2008-09-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=55043", "id": "OPENVAS:55043", "title": "FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim", "type": "openvas", "sourceData": "#\n#VID 3b4a6982-0b24-11da-bc08-0001020eed82\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n gaim\n ja-gaim\n ko-gaim\n ru-gaim\n kdenetwork\n pl-ekg\n centericq\n pl-gnugadu\n\nCVE-2005-1850\nCertain contributed scripts for ekg Gadu Gadu client 1.5 and earlier\ncreate temporary files insecurely, with unknown impact and attack\nvectors, a different vulnerability than CVE-2005-1916.\n\nCVE-2005-1851\nA certain contributed script for ekg Gadu Gadu client 1.5 and earlier\nallows attackers to execute shell commands via unknown attack vectors.\n\nCVE-2005-1852\nMultiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3\nto 3.4.1, ekg before 1.6rc3, and other packages, allows remote\nattackers to cause a denial of service (crash) and possibly execute\narbitrary code via an incoming message.\n\nCVE-2005-2369\nMultiple integer signedness errors in libgadu, as used in ekg before\n1.6rc2 and other packages, may allow remote attackers to cause a\ndenial of service or execute arbitrary code.\n\nCVE-2005-2370\nMultiple 'memory alignment errors' in libgadu, as used in ekg before\n1.6rc2 and other packages, allows remote attackers to cause a denial\nof service (bus error) on certain architectures such as SPARC via an\nincoming message.\n\nCVE-2005-2448\nMultiple 'endianness errors' in libgadu in ekg before 1.6rc2 allow\nremote attackers to cause a denial of service (invalid behaviour in\napplications) on big-endian systems.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://gaim.sourceforge.net/security/?id=20\nhttp://www.kde.org/info/security/advisory-20050721-1.txt\nhttp://marc.theaimsgroup.com/?l=bugtraq&m=112198499417250\nhttp://www.vuxml.org/freebsd/3b4a6982-0b24-11da-bc08-0001020eed82.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(55043);\n script_version(\"$Revision: 4112 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-19 15:17:59 +0200 (Mon, 19 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2005-1850\", \"CVE-2005-1851\", \"CVE-2005-1852\", \"CVE-2005-2369\", \"CVE-2005-2370\", \"CVE-2005-2448\");\n script_bugtraq_id(14345);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"gaim\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.5.0\")<0) {\n txt += 'Package gaim version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ja-gaim\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.5.0\")<0) {\n txt += 'Package ja-gaim version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ko-gaim\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.5.0\")<0) {\n txt += 'Package ko-gaim version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"ru-gaim\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.5.0\")<0) {\n txt += 'Package ru-gaim version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"kdenetwork\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.2.2\")>0 && revcomp(a:bver, b:\"3.4.2\")<0) {\n txt += 'Package kdenetwork version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"pl-ekg\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.6r3,1\")<0) {\n txt += 'Package pl-ekg version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"centericq\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0\")>0) {\n txt += 'Package centericq version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"pl-gnugadu\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0\")>0) {\n txt += 'Package pl-gnugadu version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-02-21T01:08:43", "bulletinFamily": "scanner", "description": "An updated gaim package that fixes multiple security issues is now available.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nGaim is an Internet Messaging client.\n\nA heap based buffer overflow issue was discovered in the way Gaim processes away messages. A remote attacker could send a specially crafted away message to a Gaim user logged into AIM or ICQ that could result in arbitrary code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2103 to this issue.\n\nDaniel Atallah discovered a denial of service issue in Gaim. A remote attacker could attempt to upload a file with a specially crafted name to a user logged into AIM or ICQ, causing Gaim to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2102 to this issue.\n\nA denial of service bug was found in Gaim's Gadu Gadu protocol handler. A remote attacker could send a specially crafted message to a Gaim user logged into Gadu Gadu, causing Gaim to crash. Please note that this issue only affects PPC and IBM S/390 systems running Gaim.\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2370 to this issue.\n\nUsers of gaim are advised to upgrade to this updated package, which contains backported patches and is not vulnerable to these issues.", "modified": "2018-11-15T00:00:00", "id": "REDHAT-RHSA-2005-627.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=19423", "published": "2005-08-12T00:00:00", "title": "RHEL 3 / 4 : gaim (RHSA-2005:627)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:627. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(19423);\n script_version (\"1.21\");\n script_cvs_date(\"Date: 2018/11/15 11:40:30\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\", \"CVE-2005-2370\");\n script_bugtraq_id(14531);\n script_xref(name:\"RHSA\", value:\"2005:627\");\n\n script_name(english:\"RHEL 3 / 4 : gaim (RHSA-2005:627)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated gaim package that fixes multiple security issues is now\navailable.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nGaim is an Internet Messaging client.\n\nA heap based buffer overflow issue was discovered in the way Gaim\nprocesses away messages. A remote attacker could send a specially\ncrafted away message to a Gaim user logged into AIM or ICQ that could\nresult in arbitrary code execution. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CVE-2005-2103\nto this issue.\n\nDaniel Atallah discovered a denial of service issue in Gaim. A remote\nattacker could attempt to upload a file with a specially crafted name\nto a user logged into AIM or ICQ, causing Gaim to crash. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the\nname CVE-2005-2102 to this issue.\n\nA denial of service bug was found in Gaim's Gadu Gadu protocol\nhandler. A remote attacker could send a specially crafted message to a\nGaim user logged into Gadu Gadu, causing Gaim to crash. Please note\nthat this issue only affects PPC and IBM S/390 systems running Gaim.\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2005-2370 to this issue.\n\nUsers of gaim are advised to upgrade to this updated package, which\ncontains backported patches and is not vulnerable to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-2102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-2103\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-2370\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2005:627\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gaim package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/08/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2005:627\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"gaim-1.3.1-0.el3.3\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"gaim-1.3.1-0.el4.3\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gaim\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:08:47", "bulletinFamily": "scanner", "description": "New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1, and -current to fix some security issues. including: AIM/ICQ away message buffer overflow AIM/ICQ non-UTF-8 filename crash Gadu-Gadu memory alignment bug Sites that use GAIM should upgrade to the new version.", "modified": "2018-08-09T00:00:00", "id": "SLACKWARE_SSA_2005-242-03.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=19860", "published": "2005-10-05T00:00:00", "title": "Slackware 10.0 / 10.1 / 9.0 / 9.1 / current : gaim (SSA:2005-242-03)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2005-242-03. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(19860);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/08/09 17:06:37\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\", \"CVE-2005-2370\");\n script_xref(name:\"SSA\", value:\"2005-242-03\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 9.0 / 9.1 / current : gaim (SSA:2005-242-03)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1,\nand -current to fix some security issues. including: AIM/ICQ away\nmessage buffer overflow AIM/ICQ non-UTF-8 filename crash Gadu-Gadu\nmemory alignment bug Sites that use GAIM should upgrade to the new\nversion.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.407421\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f0a4306e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gaim package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/10/05\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.0\", pkgname:\"gaim\", pkgver:\"1.5.0\", pkgarch:\"i386\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"9.1\", pkgname:\"gaim\", pkgver:\"1.5.0\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"gaim\", pkgver:\"1.5.0\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"gaim\", pkgver:\"1.5.0\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"gaim\", pkgver:\"1.5.0\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:08:48", "bulletinFamily": "scanner", "description": "Yet more vulnerabilities have been discovered in the gaim IM client.\nInvalid characters in a sent file can cause Gaim to crash on some systems (CVE-2005-2102); a remote AIM or ICQ user can cause a buffer overflow in Gaim by setting an away message containing many AIM substitution strings (CVE-2005-2103); a memory alignment bug in the library used by Gaim to access the Gadu-Gadu network can result in a buffer overflow on non-x86 architecture systems (CVE-2005-2370).\n\nThese problems have been corrected in gaim 1.5.0 which is provided with this update.", "modified": "2018-07-19T00:00:00", "id": "MANDRAKE_MDKSA-2005-139.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=19896", "published": "2005-10-05T00:00:00", "title": "Mandrake Linux Security Advisory : gaim (MDKSA-2005:139)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2005:139. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(19896);\n script_version (\"1.16\");\n script_cvs_date(\"Date: 2018/07/19 20:59:13\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\", \"CVE-2005-2370\");\n script_xref(name:\"MDKSA\", value:\"2005:139\");\n\n script_name(english:\"Mandrake Linux Security Advisory : gaim (MDKSA-2005:139)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Yet more vulnerabilities have been discovered in the gaim IM client.\nInvalid characters in a sent file can cause Gaim to crash on some\nsystems (CVE-2005-2102); a remote AIM or ICQ user can cause a buffer\noverflow in Gaim by setting an away message containing many AIM\nsubstitution strings (CVE-2005-2103); a memory alignment bug in the\nlibrary used by Gaim to access the Gadu-Gadu network can result in a\nbuffer overflow on non-x86 architecture systems (CVE-2005-2370).\n\nThese problems have been corrected in gaim 1.5.0 which is provided\nwith this update.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gaim-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gaim-gevolution\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gaim-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gaim-silc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:gaim-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gaim-remote0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64gaim-remote0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgaim-remote0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libgaim-remote0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:mandrakesoft:mandrake_linux:le2005\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/10/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.1\", reference:\"gaim-1.5.0-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"gaim-devel-1.5.0-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"gaim-gevolution-1.5.0-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"gaim-perl-1.5.0-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"gaim-tcl-1.5.0-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64gaim-remote0-1.5.0-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64gaim-remote0-devel-1.5.0-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libgaim-remote0-1.5.0-0.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libgaim-remote0-devel-1.5.0-0.1.101mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.2\", reference:\"gaim-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"gaim-devel-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"gaim-gevolution-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"gaim-perl-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"gaim-silc-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", reference:\"gaim-tcl-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"x86_64\", reference:\"lib64gaim-remote0-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"x86_64\", reference:\"lib64gaim-remote0-devel-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"i386\", reference:\"libgaim-remote0-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.2\", cpu:\"i386\", reference:\"libgaim-remote0-devel-1.5.0-0.1.102mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:09:13", "bulletinFamily": "scanner", "description": "An updated gaim package that fixes multiple security issues is now available.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nGaim is an Internet Messaging client.\n\nA heap based buffer overflow issue was discovered in the way Gaim processes away messages. A remote attacker could send a specially crafted away message to a Gaim user logged into AIM or ICQ that could result in arbitrary code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2103 to this issue.\n\nDaniel Atallah discovered a denial of service issue in Gaim. A remote attacker could attempt to upload a file with a specially crafted name to a user logged into AIM or ICQ, causing Gaim to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2102 to this issue.\n\nA denial of service bug was found in Gaim's Gadu Gadu protocol handler. A remote attacker could send a specially crafted message to a Gaim user logged into Gadu Gadu, causing Gaim to crash. Please note that this issue only affects PPC and IBM S/390 systems running Gaim.\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2370 to this issue.\n\nUsers of gaim are advised to upgrade to this updated package, which contains backported patches and is not vulnerable to these issues.", "modified": "2018-11-10T00:00:00", "id": "CENTOS_RHSA-2005-627.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=21846", "published": "2006-07-03T00:00:00", "title": "CentOS 3 / 4 : gaim (CESA-2005:627)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:627 and \n# CentOS Errata and Security Advisory 2005:627 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21846);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/11/10 11:49:27\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\", \"CVE-2005-2370\");\n script_bugtraq_id(14531);\n script_xref(name:\"RHSA\", value:\"2005:627\");\n\n script_name(english:\"CentOS 3 / 4 : gaim (CESA-2005:627)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated gaim package that fixes multiple security issues is now\navailable.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nGaim is an Internet Messaging client.\n\nA heap based buffer overflow issue was discovered in the way Gaim\nprocesses away messages. A remote attacker could send a specially\ncrafted away message to a Gaim user logged into AIM or ICQ that could\nresult in arbitrary code execution. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CVE-2005-2103\nto this issue.\n\nDaniel Atallah discovered a denial of service issue in Gaim. A remote\nattacker could attempt to upload a file with a specially crafted name\nto a user logged into AIM or ICQ, causing Gaim to crash. The Common\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the\nname CVE-2005-2102 to this issue.\n\nA denial of service bug was found in Gaim's Gadu Gadu protocol\nhandler. A remote attacker could send a specially crafted message to a\nGaim user logged into Gadu Gadu, causing Gaim to crash. Please note\nthat this issue only affects PPC and IBM S/390 systems running Gaim.\nThe Common Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2005-2370 to this issue.\n\nUsers of gaim are advised to upgrade to this updated package, which\ncontains backported patches and is not vulnerable to these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-August/012035.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bde62fab\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-August/012036.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c4e9f139\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-August/012047.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2fd32204\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-August/012048.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6c1479ab\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-August/012049.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3e4ca783\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-August/012050.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?72e67002\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gaim package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/07/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"gaim-1.3.1-0.el3.3\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", reference:\"gaim-1.3.1-0.el4.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:08:43", "bulletinFamily": "scanner", "description": "The remote host is affected by the vulnerability described in GLSA-200508-06 (Gaim: Remote execution of arbitrary code)\n\n Brandon Perry discovered that Gaim is vulnerable to a heap-based buffer overflow when handling away messages (CAN-2005-2103).\n Furthermore, Daniel Atallah discovered a vulnerability in the handling of file transfers (CAN-2005-2102).\n Impact :\n\n A remote attacker could create a specially crafted away message which, when viewed by the target user, could lead to the execution of arbitrary code. Also, an attacker could send a file with a non-UTF8 filename to a user, which would result in a Denial of Service.\n Workaround :\n\n There is no known workaround at this time.", "modified": "2018-07-11T00:00:00", "id": "GENTOO_GLSA-200508-06.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=19439", "published": "2005-08-18T00:00:00", "title": "GLSA-200508-06 : Gaim: Remote execution of arbitrary code", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200508-06.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(19439);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/07/11 17:09:25\");\n\n script_cve_id(\"CVE-2005-2102\", \"CVE-2005-2103\");\n script_bugtraq_id(14531);\n script_xref(name:\"GLSA\", value:\"200508-06\");\n\n script_name(english:\"GLSA-200508-06 : Gaim: Remote execution of arbitrary code\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200508-06\n(Gaim: Remote execution of arbitrary code)\n\n Brandon Perry discovered that Gaim is vulnerable to a heap-based\n buffer overflow when handling away messages (CAN-2005-2103).\n Furthermore, Daniel Atallah discovered a vulnerability in the handling\n of file transfers (CAN-2005-2102).\n \nImpact :\n\n A remote attacker could create a specially crafted away message\n which, when viewed by the target user, could lead to the execution of\n arbitrary code. Also, an attacker could send a file with a non-UTF8\n filename to a user, which would result in a Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200508-06\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Gaim users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-im/gaim-1.5.0'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/08/18\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/08/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-im/gaim\", unaffected:make_list(\"ge 1.5.0\"), vulnerable:make_list(\"lt 1.5.0\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Gaim\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:09:08", "bulletinFamily": "scanner", "description": "The GAIM team reports :\n\nA remote AIM or ICQ user can cause a buffer overflow in Gaim by setting an away message containing many AIM substitution strings (such as %t or %n).", "modified": "2018-12-19T00:00:00", "id": "FREEBSD_PKG_6D1761D20B2311DABC080001020EED82.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=21447", "published": "2006-05-13T00:00:00", "title": "FreeBSD : gaim -- AIM/ICQ away message buffer overflow (6d1761d2-0b23-11da-bc08-0001020eed82)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21447);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/12/19 13:21:17\");\n\n script_cve_id(\"CVE-2005-2103\");\n\n script_name(english:\"FreeBSD : gaim -- AIM/ICQ away message buffer overflow (6d1761d2-0b23-11da-bc08-0001020eed82)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The GAIM team reports :\n\nA remote AIM or ICQ user can cause a buffer overflow in Gaim by\nsetting an away message containing many AIM substitution strings (such\nas %t or %n).\"\n );\n # http://gaim.sourceforge.net/security/?id=22\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.pidgin.im/news/security/?id=22\"\n );\n # https://vuxml.freebsd.org/freebsd/6d1761d2-0b23-11da-bc08-0001020eed82.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?541d7bcd\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ja-gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ko-gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ru-gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/05/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gaim<1.4.0_1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ja-gaim<1.4.0_1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ko-gaim<1.4.0_1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ru-gaim<1.4.0_1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:08:43", "bulletinFamily": "scanner", "description": "An updated gaim package that fixes a buffer overflow security issue is now available.\n\nThis update has been rated as having critical security impact by the Red Hat Security Response Team.\n\nGaim is an Internet Instant Messaging client.\n\nA heap based buffer overflow issue was discovered in the way Gaim processes away messages. A remote attacker could send a specially crafted away message to a Gaim user logged into AIM or ICQ which could result in arbitrary code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2103 to this issue.\n\nUsers of gaim are advised to upgrade to this updated package, which contains backported patches and is not vulnerable to this issue.", "modified": "2018-11-15T00:00:00", "id": "REDHAT-RHSA-2005-589.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=19422", "published": "2005-08-12T00:00:00", "title": "RHEL 2.1 : gaim (RHSA-2005:589)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2005:589. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(19422);\n script_version (\"1.21\");\n script_cvs_date(\"Date: 2018/11/15 11:40:30\");\n\n script_cve_id(\"CVE-2005-2103\");\n script_bugtraq_id(14531);\n script_xref(name:\"RHSA\", value:\"2005:589\");\n\n script_name(english:\"RHEL 2.1 : gaim (RHSA-2005:589)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated gaim package that fixes a buffer overflow security issue is\nnow available.\n\nThis update has been rated as having critical security impact by the\nRed Hat Security Response Team.\n\nGaim is an Internet Instant Messaging client.\n\nA heap based buffer overflow issue was discovered in the way Gaim\nprocesses away messages. A remote attacker could send a specially\ncrafted away message to a Gaim user logged into AIM or ICQ which could\nresult in arbitrary code execution. The Common Vulnerabilities and\nExposures project (cve.mitre.org) has assigned the name CVE-2005-2103\nto this issue.\n\nUsers of gaim are advised to upgrade to this updated package, which\ncontains backported patches and is not vulnerable to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2005-2103\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2005:589\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gaim package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/08/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^2\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i386\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2005:589\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"gaim-0.59.9-5.el2\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gaim\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:09:08", "bulletinFamily": "scanner", "description": "The GAIM team reports :\n\nA remote user could cause Gaim to crash on some systems by sending the Gaim user a file whose filename contains certain invalid characters.\nIt is unknown what combination of systems are affected, but it is suspected that Windows users and systems with older versions of GTK+ are especially susceptible.", "modified": "2018-12-19T00:00:00", "id": "FREEBSD_PKG_09DB28440B2111DABC080001020EED82.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=21383", "published": "2006-05-13T00:00:00", "title": "FreeBSD : gaim -- AIM/ICQ non-UTF-8 filename crash (09db2844-0b21-11da-bc08-0001020eed82)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(21383);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2018/12/19 13:21:17\");\n\n script_cve_id(\"CVE-2005-2102\");\n\n script_name(english:\"FreeBSD : gaim -- AIM/ICQ non-UTF-8 filename crash (09db2844-0b21-11da-bc08-0001020eed82)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The GAIM team reports :\n\nA remote user could cause Gaim to crash on some systems by sending the\nGaim user a file whose filename contains certain invalid characters.\nIt is unknown what combination of systems are affected, but it is\nsuspected that Windows users and systems with older versions of GTK+\nare especially susceptible.\"\n );\n # http://gaim.sourceforge.net/security/?id=21\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.pidgin.im/news/security/?id=21\"\n );\n # https://vuxml.freebsd.org/freebsd/09db2844-0b21-11da-bc08-0001020eed82.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f5eb402f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ja-gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ko-gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ru-gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/05/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gaim<1.4.0_1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ja-gaim<1.4.0_1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ko-gaim<1.4.0_1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"ru-gaim<1.4.0_1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:08:42", "bulletinFamily": "scanner", "description": "Szymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in libgadu (from ekg, console Gadu Gadu client, an instant messaging program) which is included in gaim, a multi-protocol instant messaging client, as well. This can not be exploited on the x86 architecture but on others, e.g. on Sparc and lead to a bus error, in other words a denial of service.\n\nThe old stable distribution (woody) does not seem to be affected by this problem.", "modified": "2018-08-09T00:00:00", "id": "DEBIAN_DSA-769.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=19318", "published": "2005-07-31T00:00:00", "title": "Debian DSA-769-1 : gaim - memory alignment bug", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-769. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(19318);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2018/08/09 17:06:36\");\n\n script_cve_id(\"CVE-2005-2370\");\n script_xref(name:\"DSA\", value:\"769\");\n\n script_name(english:\"Debian DSA-769-1 : gaim - memory alignment bug\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Szymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment\nerror in libgadu (from ekg, console Gadu Gadu client, an instant\nmessaging program) which is included in gaim, a multi-protocol instant\nmessaging client, as well. This can not be exploited on the x86\narchitecture but on others, e.g. on Sparc and lead to a bus error, in\nother words a denial of service.\n\nThe old stable distribution (woody) does not seem to be affected by\nthis problem.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2005/dsa-769\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the gaim package.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 1.2.1-1.4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gaim\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/31\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"gaim\", reference:\"1.2.1-1.4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"gaim-data\", reference:\"1.2.1-1.4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"gaim-dev\", reference:\"1.2.1-1.4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:08:46", "bulletinFamily": "scanner", "description": "Several problems have been discovered in libgadu which is also part of centericq, a text-mode multi-protocol instant messenger client. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CAN-2005-2369 Multiple integer signedness errors may allow remote attackers to cause a denial of service or execute arbitrary code.\n\n - CAN-2005-2370\n\n Memory alignment errors may allows remote attackers to cause a denial of service on certain architectures such as sparc.\n\n - CAN-2005-2448\n\n Several endianess errors may allow remote attackers to cause a denial of service.", "modified": "2018-07-20T00:00:00", "id": "DEBIAN_DSA-813.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=19709", "published": "2005-09-17T00:00:00", "title": "Debian DSA-813-1 : centericq - several vulnerabilities", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-813. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(19709);\n script_version(\"1.19\");\n script_cvs_date(\"Date: 2018/07/20 2:17:11\");\n\n script_cve_id(\"CVE-2005-2369\", \"CVE-2005-2370\", \"CVE-2005-2448\");\n script_bugtraq_id(14415);\n script_xref(name:\"DSA\", value:\"813\");\n\n script_name(english:\"Debian DSA-813-1 : centericq - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several problems have been discovered in libgadu which is also part of\ncentericq, a text-mode multi-protocol instant messenger client. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems :\n\n - CAN-2005-2369\n Multiple integer signedness errors may allow remote\n attackers to cause a denial of service or execute\n arbitrary code.\n\n - CAN-2005-2370\n\n Memory alignment errors may allows remote attackers to\n cause a denial of service on certain architectures such\n as sparc.\n\n - CAN-2005-2448\n\n Several endianess errors may allow remote attackers to\n cause a denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2005/dsa-813\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the centericq package.\n\nThe old stable distribution (woody) is not affected by these problems.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 4.20.0-1sarge2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:centericq\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/09/17\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"centericq\", reference:\"4.20.0-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"centericq-common\", reference:\"4.20.0-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"centericq-fribidi\", reference:\"4.20.0-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"centericq-utf8\", reference:\"4.20.0-1sarge2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "slackware": [{"lastseen": "2018-08-31T02:36:52", "bulletinFamily": "unix", "description": "New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1,\nand -current to fix some security issues. including:\n\n AIM/ICQ away message buffer overflow\n AIM/ICQ non-UTF-8 filename crash\n Gadu-Gadu memory alignment bug\n\nSites that use GAIM should upgrade to the new version.\n\nMore details about these issues may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370\n\n\nHere are the details from the Slackware 10.1 ChangeLog:\n\npatches/packages/gaim-1.5.0-i486-1.tgz: Upgraded to gaim-1.5.0.\n This fixes some more security issues.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370\n (* Security fix *)\n\nWhere to find the new packages:\n\nUpdated package for Slackware 9.0:\nftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/gaim-1.5.0-i386-1.tgz\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/gaim-1.5.0-i486-1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/gaim-1.5.0-i486-1.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/gaim-1.5.0-i486-1.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/gaim-1.5.0-i486-1.tgz\n\n\nMD5 signatures:\n\nSlackware 9.0 package:\n676bad766cfddb50c7453554d66b1748 gaim-1.5.0-i386-1.tgz\n\nSlackware 9.1 package:\nd2cc0baba627ba9dbf3f218bdeacc630 gaim-1.5.0-i486-1.tgz\n\nSlackware 10.0 package:\n98d55471ed0a2f9def7fcded90860839 gaim-1.5.0-i486-1.tgz\n\nSlackware 10.1 package:\nbc6891f4acb22530c472218f5d9493fb gaim-1.5.0-i486-1.tgz\n\nSlackware -current package:\nb9a55d4359183b81e1150bea6e13b61e gaim-1.5.0-i486-1.tgz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg gaim-1.5.0-i486-1.tgz", "modified": "2005-08-30T15:54:29", "published": "2005-08-30T15:54:29", "id": "SSA-2005-242-03", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.407421", "title": "gaim", "type": "slackware", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T00:36:58", "bulletinFamily": "unix", "description": "This advisory summarizes recent security fixes in Slackware -current.\n\nUsually security advisories are not issued on problems that exist only\nwithin the test version of Slackware (slackware-current), but since it's\nso close to being released as Slackware 10.2, and since there have been\nseveral -cuurent-only issues recently, it has been decided that it would\nbe a good idea to release a summary of all of the security fixes in\nSlackware -current for the last 2 weeks. Some of these are -current only,\nand some affect other versions of Slackware (and advisories for these\nhave already been issued).\n\n\nHere are the details from the Slackware -current ChangeLog:\n\nap/groff-1.19.1-i486-3.tgz: Fixed a /tmp bug in groffer. Groffer is a\n script to display formatted output on the console or X, and is not normally\n used in other scripts (for printers, etc) like most groff components are.\n The risk from this bug is probably quite low. The fix was pulled from the\n just-released groff-1.19.2. With Slackware 10.2 just around the corner it\n didn't seem prudent to upgrade to that -- the diff from 1.19.1 to 1.19.2\n is over a megabyte compressed.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0969\n (* Security fix *)\n\nkde/kdebase-3.4.2-i486-2.tgz: Patched a bug in Konqueror's handling of\n characters such as '*', '[', and '?'.\n Generated new kdm config files.\n Added /opt/kde/man to $MANPATH.\n Patched a security bug in kcheckpass that could allow a local user to\n gain root privileges.\n For more information, see:\n http://www.kde.org/info/security/advisory-20050905-1.txt\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2494\n (* Security fix *)\n\nn/mod_ssl-2.8.24_1.3.33-i486-1.tgz: Upgraded to mod_ssl-2.8.24-1.3.33.\n From the CHANGES file:\n Fix a security issue (CAN-2005-2700) where &quot;SSLVerifyClient require&quot; was\n not enforced in per-location context if &quot;SSLVerifyClient optional&quot; was\n configured in the global virtual host configuration.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2700\n (* Security fix *)\n\nn/openssh-4.2p1-i486-1.tgz: Upgraded to openssh-4.2p1.\n From the OpenSSH 4.2 release announcement:\n SECURITY: Fix a bug introduced in OpenSSH 4.0 that caused\n GatewayPorts to be incorrectly activated for dynamic (&quot;-D&quot;) port\n forwardings when no listen address was explicitly specified.\n (* Security fix *)\n\nkde/kdeedu-3.4.2-i486-2.tgz: Fixed a minor /tmp bug in kvoctrain.\n (* Security fix *)\n\nn/php-4.4.0-i486-3.tgz: Relinked with the system PCRE library, as the builtin\n library has a buffer overflow that could be triggered by the processing of a\n specially crafted regular expression.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491\n (* Security fix *)\n Upgraded PEAR::XMLRPC to version 1.4.0, which eliminates the use of the\n insecure eval() function.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2498\n (* Security fix *)\n\nxap/gaim-1.5.0-i486-1.tgz: Upgraded to gaim-1.5.0.\n This fixes some more security issues.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370\n (* Security fix *)\n\ntesting/packages/php-5.0.4/php-5.0.4-i486-3.tgz: Relinked with the\n system PCRE library, as the builtin library has a buffer overflow\n that could be triggered by the processing of a specially crafted\n regular expression.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491\n (* Security fix *)\n Upgraded PEAR::XMLRPC to version 1.4.0, which eliminates the use of the\n insecure eval() function.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2498\n (* Security fix *)\n Recompiled with support for mbstring, cURL, and XSLT.\n Thanks to Den (aka Diesel) for suggesting XSLT.\n\nWhere to find the new packages:\n\nAdd of these packages are available in the slackware-current directory\non ftp.slackware.com:\n\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/groff-1.19.1-i486-3.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/kde/kdebase-3.4.2-i486-2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/mod_ssl-2.8.24_1.3.33-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openssh-4.2p1-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/kde/kdeedu-3.4.2-i486-2.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-4.4.0-i486-3.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/gaim-1.5.0-i486-1.tgz\nftp://ftp.slackware.com/pub/slackware/slackware-current/testing/packages/php-5.0.4/php-5.0.4-i486-3.tgz\n\nA .asc file is provided next to each package. This can be used along\nwith 'gpg --verify' to verify the integrity of the packages.", "modified": "2005-09-08T15:55:02", "published": "2005-09-08T15:55:02", "id": "SSA-2005-251-03", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.651553", "title": "slackware-current security updates", "type": "slackware", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:17", "bulletinFamily": "unix", "description": "### Background\n\nGaim is a full featured instant messaging client which handles a variety of instant messaging protocols. \n\n### Description\n\nBrandon Perry discovered that Gaim is vulnerable to a heap-based buffer overflow when handling away messages (CAN-2005-2103). Furthermore, Daniel Atallah discovered a vulnerability in the handling of file transfers (CAN-2005-2102). \n\n### Impact\n\nA remote attacker could create a specially crafted away message which, when viewed by the target user, could lead to the execution of arbitrary code. Also, an attacker could send a file with a non-UTF8 filename to a user, which would result in a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Gaim users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-im/gaim-1.5.0\"", "modified": "2005-08-15T00:00:00", "published": "2005-08-15T00:00:00", "id": "GLSA-200508-06", "href": "https://security.gentoo.org/glsa/200508-06", "type": "gentoo", "title": "Gaim: Remote execution of arbitrary code", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:15", "bulletinFamily": "software", "description": "## Vulnerability Description\nGaim contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker attempts to send a file with non-utf8 characters, and will result in loss of availability for the program.\n## Solution Description\nUpgrade to version 1.5.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nGaim contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker attempts to send a file with non-utf8 characters, and will result in loss of availability for the program.\n## References:\n[Vendor Specific Advisory URL](http://gaim.sourceforge.net/security/index.php?id=21)\n[Secunia Advisory ID:16384](https://secuniaresearch.flexerasoftware.com/advisories/16384/)\n[Secunia Advisory ID:16437](https://secuniaresearch.flexerasoftware.com/advisories/16437/)\n[Secunia Advisory ID:16387](https://secuniaresearch.flexerasoftware.com/advisories/16387/)\n[Secunia Advisory ID:16423](https://secuniaresearch.flexerasoftware.com/advisories/16423/)\n[Secunia Advisory ID:16436](https://secuniaresearch.flexerasoftware.com/advisories/16436/)\n[Secunia Advisory ID:16442](https://secuniaresearch.flexerasoftware.com/advisories/16442/)\n[Secunia Advisory ID:16483](https://secuniaresearch.flexerasoftware.com/advisories/16483/)\n[Secunia Advisory ID:16637](https://secuniaresearch.flexerasoftware.com/advisories/16637/)\n[Secunia Advisory ID:16379](https://secuniaresearch.flexerasoftware.com/advisories/16379/)\n[Secunia Advisory ID:16535](https://secuniaresearch.flexerasoftware.com/advisories/16535/)\n[Related OSVDB ID: 18669](https://vulners.com/osvdb/OSVDB:18669)\nRedHat RHSA: RHSA-2005:627\nRedHat RHSA: RHSA-2005:589\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200508-06.xml\nOther Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20050802-01-U.asc\nOther Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.407421\nOther Advisory URL: http://www.ubuntulinux.org/support/documentation/usn/usn-168-1\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2005_19_sr.html\nOther Advisory URL: http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:139\n[CVE-2005-2102](https://vulners.com/cve/CVE-2005-2102)\n", "modified": "2005-08-10T09:38:45", "published": "2005-08-10T09:38:45", "href": "https://vulners.com/osvdb/OSVDB:18668", "id": "OSVDB:18668", "type": "osvdb", "title": "Gaim Non-utf8 Invalid Filename Remote DoS", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:15", "bulletinFamily": "software", "description": "## Vulnerability Description\nA remote overflow exists in gaim. The program fails to validate away messages resulting in a buffer overflow. With a specially crafted away message, an attacker can cause arbitrary code execution resulting in a loss of integrity.\n## Solution Description\nUpgrade to version 1.5.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nA remote overflow exists in gaim. The program fails to validate away messages resulting in a buffer overflow. With a specially crafted away message, an attacker can cause arbitrary code execution resulting in a loss of integrity.\n## References:\n[Vendor Specific Advisory URL](http://gaim.sourceforge.net/security/index.php?id=22)\nSecurity Tracker: 1014649\n[Secunia Advisory ID:16384](https://secuniaresearch.flexerasoftware.com/advisories/16384/)\n[Secunia Advisory ID:16437](https://secuniaresearch.flexerasoftware.com/advisories/16437/)\n[Secunia Advisory ID:16387](https://secuniaresearch.flexerasoftware.com/advisories/16387/)\n[Secunia Advisory ID:16423](https://secuniaresearch.flexerasoftware.com/advisories/16423/)\n[Secunia Advisory ID:16436](https://secuniaresearch.flexerasoftware.com/advisories/16436/)\n[Secunia Advisory ID:16442](https://secuniaresearch.flexerasoftware.com/advisories/16442/)\n[Secunia Advisory ID:16483](https://secuniaresearch.flexerasoftware.com/advisories/16483/)\n[Secunia Advisory ID:16637](https://secuniaresearch.flexerasoftware.com/advisories/16637/)\n[Secunia Advisory ID:16379](https://secuniaresearch.flexerasoftware.com/advisories/16379/)\n[Secunia Advisory ID:16535](https://secuniaresearch.flexerasoftware.com/advisories/16535/)\n[Related OSVDB ID: 18668](https://vulners.com/osvdb/OSVDB:18668)\nRedHat RHSA: RHSA-2005:627\nRedHat RHSA: RHSA-2005:589\nPacket Storm: http://packetstormsecurity.org/0508-advisories/glsa-200508-06.txt\nOther Advisory URL: http://security.gentoo.org/glsa/glsa-200508-06.xml\nOther Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20050802-01-U.asc\nOther Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.407421\nOther Advisory URL: http://www.ubuntulinux.org/support/documentation/usn/usn-168-1\nOther Advisory URL: http://www.novell.com/linux/security/advisories/2005_19_sr.html\nOther Advisory URL: http://sourceforge.net/tracker/index.php?func=detail&aid=1235427&group_id=235&atid=100235\nOther Advisory URL: http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:139\n[CVE-2005-2103](https://vulners.com/cve/CVE-2005-2103)\n", "modified": "2005-08-10T09:38:45", "published": "2005-08-10T09:38:45", "href": "https://vulners.com/osvdb/OSVDB:18669", "id": "OSVDB:18669", "type": "osvdb", "title": "Gaim Away Message Processing Remote Overflow", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:14", "bulletinFamily": "software", "description": "## Solution Description\nUpgrade to version 1.6rc3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\n[Vendor Specific Advisory URL](http://www.kde.org/info/security/advisory-20050721-1.txt)\n[Secunia Advisory ID:16437](https://secuniaresearch.flexerasoftware.com/advisories/16437/)\n[Secunia Advisory ID:16265](https://secuniaresearch.flexerasoftware.com/advisories/16265/)\n[Secunia Advisory ID:16387](https://secuniaresearch.flexerasoftware.com/advisories/16387/)\n[Secunia Advisory ID:16815](https://secuniaresearch.flexerasoftware.com/advisories/16815/)\n[Secunia Advisory ID:16423](https://secuniaresearch.flexerasoftware.com/advisories/16423/)\n[Secunia Advisory ID:16442](https://secuniaresearch.flexerasoftware.com/advisories/16442/)\n[Secunia Advisory ID:16483](https://secuniaresearch.flexerasoftware.com/advisories/16483/)\n[Secunia Advisory ID:16637](https://secuniaresearch.flexerasoftware.com/advisories/16637/)\n[Secunia Advisory ID:16140](https://secuniaresearch.flexerasoftware.com/advisories/16140/)\n[Secunia Advisory ID:16269](https://secuniaresearch.flexerasoftware.com/advisories/16269/)\n[Secunia Advisory ID:16363](https://secuniaresearch.flexerasoftware.com/advisories/16363/)\n[Secunia Advisory ID:16413](https://secuniaresearch.flexerasoftware.com/advisories/16413/)\n[Related OSVDB ID: 18127](https://vulners.com/osvdb/OSVDB:18127)\n[Related OSVDB ID: 18125](https://vulners.com/osvdb/OSVDB:18125)\n[Related OSVDB ID: 18124](https://vulners.com/osvdb/OSVDB:18124)\nRedHat RHSA: RHSA-2005:627\nOther Advisory URL: http://www.debian.org/security/2005/dsa-769\nOther Advisory URL: http://www.ubuntulinux.org/support/documentation/usn/usn-162-1\nOther Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20050802-01-U.asc\nOther Advisory URL: http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.407421\nOther Advisory URL: http://www.debian.org/security/2005/dsa-773\nOther Advisory URL: http://www.ubuntulinux.org/support/documentation/usn/usn-168-1\nOther Advisory URL: http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:139\nOther Advisory URL: http://www.debian.org/security/2005/dsa-813\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-07/0369.html\n[CVE-2005-2370](https://vulners.com/cve/CVE-2005-2370)\n", "modified": "2005-07-21T08:26:58", "published": "2005-07-21T08:26:58", "href": "https://vulners.com/osvdb/OSVDB:18126", "id": "OSVDB:18126", "type": "osvdb", "title": "libgadu on SPARC Incoming Message Memory Alignment Error", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2018-08-31T01:15:55", "bulletinFamily": "unix", "description": "\nThe GAIM team reports:\n\nA remote AIM or ICQ user can cause a buffer overflow in\n\t Gaim by setting an away message containing many AIM\n\t substitution strings (such as %t or %n).\n\n", "modified": "2005-08-09T00:00:00", "published": "2005-08-09T00:00:00", "id": "6D1761D2-0B23-11DA-BC08-0001020EED82", "href": "https://vuxml.freebsd.org/freebsd/6d1761d2-0b23-11da-bc08-0001020eed82.html", "title": "gaim -- AIM/ICQ away message buffer overflow", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T01:15:55", "bulletinFamily": "unix", "description": "\nThe GAIM team reports:\n\nA remote user could cause Gaim to crash on some systems\n\t by sending the Gaim user a file whose filename contains\n\t certain invalid characters. It is unknown what combination\n\t of systems are affected, but it is suspected that Windows\n\t users and systems with older versions of GTK+ are\n\t especially susceptible.\n\n", "modified": "2005-08-09T00:00:00", "published": "2005-08-09T00:00:00", "id": "09DB2844-0B21-11DA-BC08-0001020EED82", "href": "https://vuxml.freebsd.org/freebsd/09db2844-0b21-11da-bc08-0001020eed82.html", "title": "gaim -- AIM/ICQ non-UTF-8 filename crash", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T01:15:55", "bulletinFamily": "unix", "description": "\nWojtek Kaniewski reports:\n\nMultiple vulnerabilities have been found in libgadu, a\n\t library for handling Gadu-Gadu instant messaging\n\t protocol. It is a part of ekg, a Gadu-Gadu client, but is\n\t widely used in other clients. Also some of the user\n\t contributed scripts were found to behave in an insecure\n\t manner.\n\ninteger overflow in libgadu (CVE-2005-1852) that could\n\t be triggered by an incomming message and lead to\n\t application crash and/or remote code execution\ninsecure file creation (CVE-2005-1850) and shell\n\t command injection (CVE-2005-1851) in other user\n\t contributed scripts (discovered by Marcin Owsiany and\n\t Wojtek Kaniewski)\nseveral signedness errors in libgadu that could be\n\t triggered by an incomming network data or an application\n\t passing invalid user input to the library\nmemory alignment errors in libgadu that could be\n\t triggered by an incomming message and lead to bus errors\n\t on architectures like SPARC\nendianness errors in libgadu that could cause invalid\n\t behaviour of applications on big-endian\n\t architectures\n\n\n", "modified": "2005-10-23T00:00:00", "published": "2005-07-21T00:00:00", "id": "3B4A6982-0B24-11DA-BC08-0001020EED82", "href": "https://vuxml.freebsd.org/freebsd/3b4a6982-0b24-11da-bc08-0001020eed82.html", "title": "libgadu -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-16T22:14:30", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 769-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nJuly 29th, 2005 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : gaim\nVulnerability : memory alignment bug\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CAN-2005-2370\n\nSzymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment\nerror in libgadu (from ekg, console Gadu Gadu client, an instant\nmessaging program) which is included in gaim, a multi-protocol instant\nmessaging client, as well. This can not be exploited on the x86\narchitecture but on others, e.g. on Sparc and lead to a bus error,\nin other words a denial of service.\n\nThe old stable distribution (woody) does not seem to be affected by\nthis problem.\n\nFor the stable distribution (sarge) this problem has been fixed in\nversion 1.2.1-1.4.\n\nFor the unstable distribution (sid) this problem will be fixed soon.\n\nWe recommend that you upgrade your gaim package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/g/gaim/gaim_1.2.1-1.4.dsc\n Size/MD5 checksum: 915 3bee538026c525a384cbe0865d110c78\n http://security.debian.org/pool/updates/main/g/gaim/gaim_1.2.1-1.4.diff.gz\n Size/MD5 checksum: 31681 382649de95e8cf1417c5170d1a8a372e\n http://security.debian.org/pool/updates/main/g/gaim/gaim_1.2.1.orig.tar.gz\n Size/MD5 checksum: 5215565 866598947a30005c9d2a4466c7182e2a\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/g/gaim/gaim-data_1.2.1-1.4_all.deb\n Size/MD5 checksum: 2838720 d1b16e84e0141e8030485e36339f4faa\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/g/gaim/gaim_1.2.1-1.4_alpha.deb\n Size/MD5 checksum: 1068846 ebb2a8902f38292e34b6dc08c28a1fcd\n http://security.debian.org/pool/updates/main/g/gaim/gaim-dev_1.2.1-1.4_alpha.deb\n Size/MD5 checksum: 102374 fb9bcb085067d216f57d39a332f2820d\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/g/gaim/gaim_1.2.1-1.4_arm.deb\n Size/MD5 checksum: 817860 23f78add9104cf3e5f79b7cd304fb3f7\n http://security.debian.org/pool/updates/main/g/gaim/gaim-dev_1.2.1-1.4_arm.deb\n Size/MD5 checksum: 102410 b2df8a242b943aa0d1a9b6e8148169a2\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/g/gaim/gaim_1.2.1-1.4_i386.deb\n Size/MD5 checksum: 879294 d2716bd687b657f2208ad0585c13d691\n http://security.debian.org/pool/updates/main/g/gaim/gaim-dev_1.2.1-1.4_i386.deb\n Size/MD5 checksum: 102360 4120bc2abace13ca4374651db973f448\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/g/gaim/gaim_1.2.1-1.4_ia64.deb\n Size/MD5 checksum: 1264312 5204cd503aed191f1cba6cfa6705f5c1\n http://security.debian.org/pool/updates/main/g/gaim/gaim-dev_1.2.1-1.4_ia64.deb\n Size/MD5 checksum: 102360 69787fd4685f53e21c4bf7c2df0ecdc6\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/g/gaim/gaim_1.2.1-1.4_hppa.deb\n Size/MD5 checksum: 1007084 92d7692ec48a6311177f752049ced338\n http://security.debian.org/pool/updates/main/g/gaim/gaim-dev_1.2.1-1.4_hppa.deb\n Size/MD5 checksum: 102412 d11aa9dca9554e751f15e2345e724b43\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/g/gaim/gaim_1.2.1-1.4_m68k.deb\n Size/MD5 checksum: 815858 ccb750c04cffe4026096da9bc1d322bd\n http://security.debian.org/pool/updates/main/g/gaim/gaim-dev_1.2.1-1.4_m68k.deb\n Size/MD5 checksum: 102480 3dc4d6008736ff7ef71960587ef349ec\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/g/gaim/gaim_1.2.1-1.4_mips.deb\n Size/MD5 checksum: 855152 23092ea32cdc78dd67e50723444c38d5\n http://security.debian.org/pool/updates/main/g/gaim/gaim-dev_1.2.1-1.4_mips.deb\n Size/MD5 checksum: 102382 d6d1c8c62c8ebc2eeb4a6cb5e2ab52f1\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/g/gaim/gaim_1.2.1-1.4_mipsel.deb\n Size/MD5 checksum: 846462 14cc63bc73903ffd3b391d8d3be0c326\n http://security.debian.org/pool/updates/main/g/gaim/gaim-dev_1.2.1-1.4_mipsel.deb\n Size/MD5 checksum: 102378 f0e724ffce6ce9d80c75c4f77a341a67\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/g/gaim/gaim_1.2.1-1.4_powerpc.deb\n Size/MD5 checksum: 913460 baa3230e8857033cb9e480ecda99b01d\n http://security.debian.org/pool/updates/main/g/gaim/gaim-dev_1.2.1-1.4_powerpc.deb\n Size/MD5 checksum: 102384 fb572b59ed02992ba80dc8c6aab6db91\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/g/gaim/gaim_1.2.1-1.4_s390.deb\n Size/MD5 checksum: 946240 f431a8a8595dbe5c5b26148f9504bda0\n http://security.debian.org/pool/updates/main/g/gaim/gaim-dev_1.2.1-1.4_s390.deb\n Size/MD5 checksum: 102380 d7bb41baeb1391be34b1c9642ecb22a5\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/g/gaim/gaim_1.2.1-1.4_sparc.deb\n Size/MD5 checksum: 850810 73b4bdb1206ba5b0f2a5bda0cf061470\n http://security.debian.org/pool/updates/main/g/gaim/gaim-dev_1.2.1-1.4_sparc.deb\n Size/MD5 checksum: 102380 7d112554def1191e36f50755ca21c7f8\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n\n", "modified": "2005-07-29T00:00:00", "published": "2005-07-29T00:00:00", "id": "DEBIAN:DSA-769-1:7FD30", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00156.html", "title": "[SECURITY] [DSA 769-1] New gaim packages fix denial of service", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-16T22:14:44", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 813-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nSeptember 15th, 2005 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : centericq\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE IDs : CAN-2005-2369 CAN-2005-2370 CAN-2005-2448\nBugTraq ID : 14415\n\nSeveral problems have been discovered in libgadu which is also part of\ncentericq, a text-mode multi-protocol instant messenger client. The\nCommon Vulnerabilities and Exposures project identifies the following\nproblems:\n\nCAN-2005-2369\n\n Multiple integer signedness errors may allow remote attackers to\n cause a denial of service or execute arbitrary code.\n\nCAN-2005-2370\n\n Memory alignment errors may allows remote attackers to cause a\n denial of service on certain architectures such as sparc.\n\nCAN-2005-2448\n\n Several endianess errors may allow remote attackers to cause a\n denial of service.\n\nThe old stable distribution (woody) is not affected by these problems.\n\nFor the stable distribution (sarge) these problems have been fixed in\nversion 4.20.0-1sarge2.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 4.20.0-9.\n\nWe recommend that you upgrade your centericq package.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2.dsc\n Size/MD5 checksum: 875 3e3856c76ecca4033d594f40b84594fe\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2.diff.gz\n Size/MD5 checksum: 105757 2847f29ebc190209bc9801cda4021465\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0.orig.tar.gz\n Size/MD5 checksum: 1796894 874165f4fbd40e3be677bdd1696cee9d\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_alpha.deb\n Size/MD5 checksum: 1650414 6428d1b002427f84264e264f039942b6\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_alpha.deb\n Size/MD5 checksum: 335816 83d71d7e3ddc678f92208714c69421c1\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_alpha.deb\n Size/MD5 checksum: 1651512 e552870deeb140d3c152a314ecbf34cd\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_alpha.deb\n Size/MD5 checksum: 1650438 55cd6872aae5e63348f7b816ea72d54b\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_amd64.deb\n Size/MD5 checksum: 1355220 3e2133ded560c48685d2b99ba5bf0dce\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_amd64.deb\n Size/MD5 checksum: 335722 4b1695d70272933dc7e239043cd97dca\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_amd64.deb\n Size/MD5 checksum: 1355440 2cfb3c7c9386a5975ec3d433ca45e5c4\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_amd64.deb\n Size/MD5 checksum: 1355268 a0cb191dfa09ef9b517bfa5e91779dad\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_arm.deb\n Size/MD5 checksum: 2185136 2d1317f0919c28662971967458546742\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_arm.deb\n Size/MD5 checksum: 335868 726094239479d03fd2eb63f4f307e46b\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_arm.deb\n Size/MD5 checksum: 2185970 bb6521dedcca573e28a2c34fd9c1ab74\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_arm.deb\n Size/MD5 checksum: 2185188 84cd56c79406e409bb0513a0997870f8\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_i386.deb\n Size/MD5 checksum: 1348652 c59e862bca93d94d4edee43911bbdeb7\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_i386.deb\n Size/MD5 checksum: 335708 2c3d7782f385f0b81a3ce3dd4b089977\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_i386.deb\n Size/MD5 checksum: 1349472 fb8e54aa013dacc37499fd68ae032116\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_i386.deb\n Size/MD5 checksum: 1348570 f353cb12552cfc0db7ed0d3129edc1d7\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_ia64.deb\n Size/MD5 checksum: 1881308 0eaa392858b373326fe3f5fbcbd267da\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_ia64.deb\n Size/MD5 checksum: 335814 5ce50347f96935af6f00e6e6ec89352c\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_ia64.deb\n Size/MD5 checksum: 1882180 359605a9a9bc322896110b2652da8859\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_ia64.deb\n Size/MD5 checksum: 1881288 3b41f39c82d45d048c56fd71b052b34a\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_hppa.deb\n Size/MD5 checksum: 1812364 d776d20c88b1d045eab6c2cbc7e4856f\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_hppa.deb\n Size/MD5 checksum: 336524 15a3df7f872450f63c650e08a5804d28\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_hppa.deb\n Size/MD5 checksum: 1813476 6804d5b88c0e662daccc7d8a462bc843\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_hppa.deb\n Size/MD5 checksum: 1812430 72dbb22383ac61176bfdbc563026f728\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_m68k.deb\n Size/MD5 checksum: 1399316 4f0a41a9a10d9764806b753669a19721\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_m68k.deb\n Size/MD5 checksum: 336586 c5fda5db59d172c072943ba56fa7ab4e\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_m68k.deb\n Size/MD5 checksum: 1399996 fa827fa4c93f695d6ad976975aa15201\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_m68k.deb\n Size/MD5 checksum: 1399362 fbe685ca5920fda77744d1ed896e8848\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_mips.deb\n Size/MD5 checksum: 1493038 111b76f2e63dc4fc6cc51f5cdabc3d3b\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_mips.deb\n Size/MD5 checksum: 336552 61b4098b1245044a145571caad3384fd\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_mips.deb\n Size/MD5 checksum: 1493630 c478a464bebad10f9883abeb2097be09\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_mips.deb\n Size/MD5 checksum: 1493080 182a6d6b77e18cdda5c29154149e0191\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_mipsel.deb\n Size/MD5 checksum: 1483212 e4d498542aec27d2ded408c756e05844\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_mipsel.deb\n Size/MD5 checksum: 335834 32e81dfb6114a2f1175d4b0e747efb1c\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_mipsel.deb\n Size/MD5 checksum: 1483786 bbf2190ab5d4d0cecb332c6d6e87d897\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_mipsel.deb\n Size/MD5 checksum: 1483264 d991ec5892ad4a1f4452f6ac265c9524\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_powerpc.deb\n Size/MD5 checksum: 1386046 27c0795c598216692bb9e3ddabbe38ab\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_powerpc.deb\n Size/MD5 checksum: 336542 65b7360541cf810d6e0e66e4e985eed8\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_powerpc.deb\n Size/MD5 checksum: 1386558 15377035743dde60440d7847a8050a5d\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_powerpc.deb\n Size/MD5 checksum: 1386122 7f1e7a8ffcb42aef23b6d29043295b91\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_s390.deb\n Size/MD5 checksum: 1193924 bcbb0a591e411c0fcd4bd02cef5eedbb\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_s390.deb\n Size/MD5 checksum: 336546 3710534682406a034733acad3b3c2ed5\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_s390.deb\n Size/MD5 checksum: 1194212 8f5729cbc295bb04986b96af8e9de1bf\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_s390.deb\n Size/MD5 checksum: 1193970 943e805ff5904ede894a864d6ac4d34b\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_sparc.deb\n Size/MD5 checksum: 1325896 8e8e65fe000e12e309700513c1e2b8ba\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_sparc.deb\n Size/MD5 checksum: 336550 46d2e5ced85fa02754d4c3868d39c129\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_sparc.deb\n Size/MD5 checksum: 1326696 81974721d8a2b7041a375bf36c44464e\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_sparc.deb\n Size/MD5 checksum: 1325860 f025aef1774bdf29ba0120070e8ff4f1\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n\n", "modified": "2005-09-15T00:00:00", "published": "2005-09-15T00:00:00", "id": "DEBIAN:DSA-813-1:20C31", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00203.html", "title": "[SECURITY] [DSA 813-1] New centericq packages fix several vulnerabilities", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-10-16T22:13:20", "bulletinFamily": "unix", "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1318-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nJune 22nd, 2007 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : ekg\nVulnerability : several\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CVE-2005-2370 CVE-2005-2448 CVE-2007-1663 CVE-2007-1664 CVE-2007-1665\n\nSeveral remote vulnerabilities have been discovered in ekg, a console\nGadu Gadu client. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2005-2370\n\n It was discovered that memory alignment errors may allow remote\n attackers to cause a denial of service on certain architectures\n such as sparc. This only affects Debian Sarge.\n\nCVE-2005-2448\n\n It was discovered that several endianess errors may allow remote\n attackers to cause a denial of service. This only affects \n Debian Sarge.\n\nCVE-2007-1663\n\n It was discovered that a memory leak in handling image messages may\n lead to denial of service. This only affects Debian Etch.\n\nCVE-2007-1664\n\n It was discovered that a null pointer deference in the token OCR code\n may lead to denial of service. This only affects Debian Etch.\n\nCVE-2007-1665\n\n It was discovered that a memory leak in the token OCR code may lead\n to denial of service. This only affects Debian Etch.\n\nFor the oldstable distribution (sarge) these problems have been fixed in\nversion 1.5+20050411-7. This updates lacks updated packages for the m68k\narchitecture. They will be provided later.\n\nFor the stable distribution (etch) these problems have been fixed\nin version 1:1.7~rc2-1etch1.\n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1:1.7~rc2-2.\n\nWe recommend that you upgrade your ekg packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.1 alias sarge\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7.dsc\n Size/MD5 checksum: 755 c13c5003913b5a6826a2318ff6457466\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7.diff.gz\n Size/MD5 checksum: 43213 bbcdcf5b7acf8df37c6557fb3caf65f2\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411.orig.tar.gz\n Size/MD5 checksum: 495079 bc246779de6f6c97f289e60b60db6c14\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_alpha.deb\n Size/MD5 checksum: 313386 5f9e1df11e20416d456550fbc7272b6b\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_alpha.deb\n Size/MD5 checksum: 154124 fbfb2b2dac00fd0b8f8d520a034808e1\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_alpha.deb\n Size/MD5 checksum: 70480 bbc1774ca41b284d7077075b2e54e094\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_amd64.deb\n Size/MD5 checksum: 280046 8afce052b5a90e52d98bb5056b4c3677\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_amd64.deb\n Size/MD5 checksum: 129478 cb4c07f3a023501dc4282a949ae6f0c3\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_amd64.deb\n Size/MD5 checksum: 64766 91cb2126b68ad573beb3cf71a10a4862\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_arm.deb\n Size/MD5 checksum: 268022 8e83e14d2221e43e0f84d21004ecdc6e\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_arm.deb\n Size/MD5 checksum: 129516 75f62242848fcd8c04a769d8b2b70fb3\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_arm.deb\n Size/MD5 checksum: 62650 9f1005a1902d5f088f8916113da1d9fa\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_hppa.deb\n Size/MD5 checksum: 288256 2f760288780881eff8c000a7d5287ab7\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_hppa.deb\n Size/MD5 checksum: 135902 42d5b64ede073387c03f914c2f3b9a7d\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_hppa.deb\n Size/MD5 checksum: 69330 31208354bcb32e72e812f773cb5bd582\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_i386.deb\n Size/MD5 checksum: 269760 fee79fac0639b2b80cb8e29df80b267c\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_i386.deb\n Size/MD5 checksum: 126480 a428c99fb8b13a9ae1c691cc5d65420e\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_i386.deb\n Size/MD5 checksum: 63604 be480904f42852892049fa980a8ba521\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_ia64.deb\n Size/MD5 checksum: 355486 6425e823262700c3d06d6dc28bd5a889\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_ia64.deb\n Size/MD5 checksum: 150436 02a50df61a2fe956ba62e76367c169c7\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_ia64.deb\n Size/MD5 checksum: 80364 1fef77a49dd87394b691b5623c72607b\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_mips.deb\n Size/MD5 checksum: 281056 d819d23c9ef923a282e74af566013761\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_mips.deb\n Size/MD5 checksum: 132178 1d2366458dd2e9c7d6d507adde131308\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_mips.deb\n Size/MD5 checksum: 61982 83ae72d761312226134db573f078ab83\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_mipsel.deb\n Size/MD5 checksum: 280690 314d213d4296f1a231e8534becff7405\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_mipsel.deb\n Size/MD5 checksum: 132164 8d7c1227c0f36c33a0952765e9f2dca4\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_mipsel.deb\n Size/MD5 checksum: 61972 f1b286a5c481f1ea487af4c6c9864d23\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_powerpc.deb\n Size/MD5 checksum: 280810 a123142acdbf773bfbcff1a55584aa19\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_powerpc.deb\n Size/MD5 checksum: 131878 0635d337c8bae23f613448d560acc61d\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_powerpc.deb\n Size/MD5 checksum: 65974 2736e6c7114bcd6a281f5a7e2e43351a\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_s390.deb\n Size/MD5 checksum: 279310 3a9db64ccd003295eadd2c1d0b9b640e\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_s390.deb\n Size/MD5 checksum: 128964 9d7752770b05bafdf8e8ea09eb58a15f\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_s390.deb\n Size/MD5 checksum: 64442 729126714688fa21a339b8d22a545bd2\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.5+20050411-7_sparc.deb\n Size/MD5 checksum: 269676 a07e3241c1d7cb106bfb8e3002665757\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.5+20050411-7_sparc.deb\n Size/MD5 checksum: 128524 2b66271a6ef4c18fc040832145a1e83b\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.5+20050411-7_sparc.deb\n Size/MD5 checksum: 64668 90418a7aeea9c7ce980de5c46e871a9f\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1.dsc\n Size/MD5 checksum: 750 f776cbffc3c5757239311f68cbb06863\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1.diff.gz\n Size/MD5 checksum: 36873 1ed9055534fa44d865262b14f8b30341\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2.orig.tar.gz\n Size/MD5 checksum: 514073 b4ea482130e163af1456699e2e6983d9\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_alpha.deb\n Size/MD5 checksum: 319638 61b5664b0460876546de510fbd0059a9\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_alpha.deb\n Size/MD5 checksum: 160798 6d3bdb00bb1432e45423f832337f6087\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_alpha.deb\n Size/MD5 checksum: 74902 46be93166fa4c5a293ac71d89777fed8\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_amd64.deb\n Size/MD5 checksum: 299404 03a5d6a3e922b849f20029a8ff7998f4\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_amd64.deb\n Size/MD5 checksum: 135146 41b387de4cf01fe6da695594c94b20aa\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_amd64.deb\n Size/MD5 checksum: 69188 a463fefd5a7ba02d63d2ce30274d4aa1\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_arm.deb\n Size/MD5 checksum: 286656 b54c96a818dd03ca8495fdf695344b3d\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_arm.deb\n Size/MD5 checksum: 131622 91543dea78bcd279f0bff1e19e75822b\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_arm.deb\n Size/MD5 checksum: 67496 83b69e379ed35e86555c5dda94ce7a63\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_hppa.deb\n Size/MD5 checksum: 309102 6d63580fbeff38010fc50c41e8586ead\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_hppa.deb\n Size/MD5 checksum: 141536 aaac39e76b748763e8fd0cfa98d8dde8\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_hppa.deb\n Size/MD5 checksum: 73240 ad652a0bf5df9f67dd3836af637d89f2\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_i386.deb\n Size/MD5 checksum: 282332 cea1b184efefb7454b6c0b25a3e8d875\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_i386.deb\n Size/MD5 checksum: 131262 ab42291b25f3501983ea1fa3e61e5832\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_i386.deb\n Size/MD5 checksum: 67370 28242d8c48f5cf14b7cdd1dff1c8f44d\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_ia64.deb\n Size/MD5 checksum: 394586 75bf8f5b8890dffbc539d79105f31896\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_ia64.deb\n Size/MD5 checksum: 157904 d2891a73971207417313c5217cba4641\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_ia64.deb\n Size/MD5 checksum: 86568 d760ad9563615e5a76f46f50ba87b94e\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_mips.deb\n Size/MD5 checksum: 297038 8bf5b347f3b25110a7fe7e0b9a171899\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_mips.deb\n Size/MD5 checksum: 140652 6cb382cf6a63b5b02701b60b9ca0d6a2\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_mips.deb\n Size/MD5 checksum: 66324 8bd8e1c3a08ef2f59a4127c60bccae7a\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_mipsel.deb\n Size/MD5 checksum: 297042 f5b2271e9e64c0fd2de08569b7a4fcae\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_mipsel.deb\n Size/MD5 checksum: 140598 ab9c505c30d97a14e92d283f4e42a861\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_mipsel.deb\n Size/MD5 checksum: 66384 7ac15a45f175d9e7dd0d9e9ff7387a27\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_powerpc.deb\n Size/MD5 checksum: 297622 22e279870a880ac1c6dfc71ac42f30bb\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_powerpc.deb\n Size/MD5 checksum: 136040 fdd5e885773c0dcf69f25e810f2e4bbc\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_powerpc.deb\n Size/MD5 checksum: 69932 49df2e6b8d5435e12d8eb6ff2881ab4a\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_s390.deb\n Size/MD5 checksum: 302738 1653f57ea628f86c96568c64847dc176\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_s390.deb\n Size/MD5 checksum: 134614 6801cc3c2cfbf17f41284ef351d6d6c8\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_s390.deb\n Size/MD5 checksum: 69440 d63382b49cb1f66af8f9bac116a701f5\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/e/ekg/ekg_1.7~rc2-1etch1_sparc.deb\n Size/MD5 checksum: 286648 93f735711c69d3add89f6c58050b426c\n http://security.debian.org/pool/updates/main/e/ekg/libgadu-dev_1.7~rc2-1etch1_sparc.deb\n Size/MD5 checksum: 133128 515716db148f7292a7793672bc6cff1f\n http://security.debian.org/pool/updates/main/e/ekg/libgadu3_1.7~rc2-1etch1_sparc.deb\n Size/MD5 checksum: 67892 59f7df3b28746ba3943b465cfaa8f7b1\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show &lt;pkg&gt;&#x27; and http://packages.debian.org/&lt;pkg&gt;\n", "modified": "2007-06-22T00:00:00", "published": "2007-06-22T00:00:00", "id": "DEBIAN:DSA-1318-1:D6CCC", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00078.html", "title": "[SECURITY] [DSA 1318-1] New ekg packages fix denial of service", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:14", "bulletinFamily": "software", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- --------------------------------------------------------------------------\r\nDebian Security Advisory DSA 813-1 security@debian.org\r\nhttp://www.debian.org/security/ Martin Schulze\r\nSeptember 15th, 2005 http://www.debian.org/security/faq\r\n- --------------------------------------------------------------------------\r\n\r\nPackage : centericq\r\nVulnerability : several\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE IDs : CAN-2005-2369 CAN-2005-2370 CAN-2005-2448\r\nBugTraq ID : 14415\r\n\r\nSeveral problems have been discovered in libgadu which is also part of\r\ncentericq, a text-mode multi-protocol instant messenger client. The\r\nCommon Vulnerabilities and Exposures project identifies the following\r\nproblems:\r\n\r\nCAN-2005-2369\r\n\r\n Multiple integer signedness errors may allow remote attackers to\r\n cause a denial of service or execute arbitrary code.\r\n\r\nCAN-2005-2370\r\n\r\n Memory alignment errors may allows remote attackers to cause a\r\n denial of service on certain architectures such as sparc.\r\n\r\nCAN-2005-2448\r\n\r\n Several endianess errors may allow remote attackers to cause a\r\n denial of service.\r\n\r\nThe old stable distribution &#40;woody&#41; is not affected by these problems.\r\n\r\nFor the stable distribution &#40;sarge&#41; these problems have been fixed in\r\nversion 4.20.0-1sarge2.\r\n\r\nFor the unstable distribution &#40;sid&#41; these problems have been fixed in\r\nversion 4.20.0-9.\r\n\r\nWe recommend that you upgrade your centericq package.\r\n\r\n\r\nUpgrade Instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper configuration.\r\n\r\n\r\nDebian GNU/Linux 3.1 alias sarge\r\n- --------------------------------\r\n\r\n Source archives:\r\n\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2.dsc\r\n Size/MD5 checksum: 875 3e3856c76ecca4033d594f40b84594fe\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2.diff.gz\r\n Size/MD5 checksum: 105757 2847f29ebc190209bc9801cda4021465\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0.orig.tar.gz\r\n Size/MD5 checksum: 1796894 874165f4fbd40e3be677bdd1696cee9d\r\n\r\n Alpha architecture:\r\n\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_alpha.deb\r\n Size/MD5 checksum: 1650414 6428d1b002427f84264e264f039942b6\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_alpha.deb\r\n Size/MD5 checksum: 335816 83d71d7e3ddc678f92208714c69421c1\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_alpha.deb\r\n Size/MD5 checksum: 1651512 e552870deeb140d3c152a314ecbf34cd\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_alpha.deb\r\n Size/MD5 checksum: 1650438 55cd6872aae5e63348f7b816ea72d54b\r\n\r\n AMD64 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_amd64.deb\r\n Size/MD5 checksum: 1355220 3e2133ded560c48685d2b99ba5bf0dce\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_amd64.deb\r\n Size/MD5 checksum: 335722 4b1695d70272933dc7e239043cd97dca\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_amd64.deb\r\n Size/MD5 checksum: 1355440 2cfb3c7c9386a5975ec3d433ca45e5c4\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_amd64.deb\r\n Size/MD5 checksum: 1355268 a0cb191dfa09ef9b517bfa5e91779dad\r\n\r\n ARM architecture:\r\n\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_arm.deb\r\n Size/MD5 checksum: 2185136 2d1317f0919c28662971967458546742\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_arm.deb\r\n Size/MD5 checksum: 335868 726094239479d03fd2eb63f4f307e46b\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_arm.deb\r\n Size/MD5 checksum: 2185970 bb6521dedcca573e28a2c34fd9c1ab74\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_arm.deb\r\n Size/MD5 checksum: 2185188 84cd56c79406e409bb0513a0997870f8\r\n\r\n Intel IA-32 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_i386.deb\r\n Size/MD5 checksum: 1348652 c59e862bca93d94d4edee43911bbdeb7\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_i386.deb\r\n Size/MD5 checksum: 335708 2c3d7782f385f0b81a3ce3dd4b089977\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_i386.deb\r\n Size/MD5 checksum: 1349472 fb8e54aa013dacc37499fd68ae032116\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_i386.deb\r\n Size/MD5 checksum: 1348570 f353cb12552cfc0db7ed0d3129edc1d7\r\n\r\n Intel IA-64 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_ia64.deb\r\n Size/MD5 checksum: 1881308 0eaa392858b373326fe3f5fbcbd267da\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_ia64.deb\r\n Size/MD5 checksum: 335814 5ce50347f96935af6f00e6e6ec89352c\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_ia64.deb\r\n Size/MD5 checksum: 1882180 359605a9a9bc322896110b2652da8859\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_ia64.deb\r\n Size/MD5 checksum: 1881288 3b41f39c82d45d048c56fd71b052b34a\r\n\r\n HP Precision architecture:\r\n\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_hppa.deb\r\n Size/MD5 checksum: 1812364 d776d20c88b1d045eab6c2cbc7e4856f\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_hppa.deb\r\n Size/MD5 checksum: 336524 15a3df7f872450f63c650e08a5804d28\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_hppa.deb\r\n Size/MD5 checksum: 1813476 6804d5b88c0e662daccc7d8a462bc843\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_hppa.deb\r\n Size/MD5 checksum: 1812430 72dbb22383ac61176bfdbc563026f728\r\n\r\n Motorola 680x0 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_m68k.deb\r\n Size/MD5 checksum: 1399316 4f0a41a9a10d9764806b753669a19721\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_m68k.deb\r\n Size/MD5 checksum: 336586 c5fda5db59d172c072943ba56fa7ab4e\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_m68k.deb\r\n Size/MD5 checksum: 1399996 fa827fa4c93f695d6ad976975aa15201\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_m68k.deb\r\n Size/MD5 checksum: 1399362 fbe685ca5920fda77744d1ed896e8848\r\n\r\n Big endian MIPS architecture:\r\n\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_mips.deb\r\n Size/MD5 checksum: 1493038 111b76f2e63dc4fc6cc51f5cdabc3d3b\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_mips.deb\r\n Size/MD5 checksum: 336552 61b4098b1245044a145571caad3384fd\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_mips.deb\r\n Size/MD5 checksum: 1493630 c478a464bebad10f9883abeb2097be09\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_mips.deb\r\n Size/MD5 checksum: 1493080 182a6d6b77e18cdda5c29154149e0191\r\n\r\n Little endian MIPS architecture:\r\n\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_mipsel.deb\r\n Size/MD5 checksum: 1483212 e4d498542aec27d2ded408c756e05844\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_mipsel.deb\r\n Size/MD5 checksum: 335834 32e81dfb6114a2f1175d4b0e747efb1c\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_mipsel.deb\r\n Size/MD5 checksum: 1483786 bbf2190ab5d4d0cecb332c6d6e87d897\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_mipsel.deb\r\n Size/MD5 checksum: 1483264 d991ec5892ad4a1f4452f6ac265c9524\r\n\r\n PowerPC architecture:\r\n\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_powerpc.deb\r\n Size/MD5 checksum: 1386046 27c0795c598216692bb9e3ddabbe38ab\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_powerpc.deb\r\n Size/MD5 checksum: 336542 65b7360541cf810d6e0e66e4e985eed8\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_powerpc.deb\r\n Size/MD5 checksum: 1386558 15377035743dde60440d7847a8050a5d\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_powerpc.deb\r\n Size/MD5 checksum: 1386122 7f1e7a8ffcb42aef23b6d29043295b91\r\n\r\n IBM S/390 architecture:\r\n\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_s390.deb\r\n Size/MD5 checksum: 1193924 bcbb0a591e411c0fcd4bd02cef5eedbb\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_s390.deb\r\n Size/MD5 checksum: 336546 3710534682406a034733acad3b3c2ed5\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_s390.deb\r\n Size/MD5 checksum: 1194212 8f5729cbc295bb04986b96af8e9de1bf\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_s390.deb\r\n Size/MD5 checksum: 1193970 943e805ff5904ede894a864d6ac4d34b\r\n\r\n Sun Sparc architecture:\r\n\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq_4.20.0-1sarge2_sparc.deb\r\n Size/MD5 checksum: 1325896 8e8e65fe000e12e309700513c1e2b8ba\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-common_4.20.0-1sarge2_sparc.deb\r\n Size/MD5 checksum: 336550 46d2e5ced85fa02754d4c3868d39c129\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-fribidi_4.20.0-1sarge2_sparc.deb\r\n Size/MD5 checksum: 1326696 81974721d8a2b7041a375bf36c44464e\r\n http://security.debian.org/pool/updates/main/c/centericq/centericq-utf8_4.20.0-1sarge2_sparc.deb\r\n Size/MD5 checksum: 1325860 f025aef1774bdf29ba0120070e8ff4f1\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: &#96;apt-cache show &lt;pkg&gt;&#39; and http://packages.debian.org/&lt;pkg&gt;\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.1 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFDKU42W5ql+IAeqTIRAuLmAJ0WO6IbF9rCJtkvP8nAJGbX3veisgCgnROK\r\n2vrXB6YQU4Q2ozb7cHipMdE=\r\n=x0pi\r\n-----END PGP SIGNATURE-----\r\n\r\n_______________________________________________\r\nFull-Disclosure - We believe in it.\r\nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\r\nHosted and sponsored by Secunia - http://secunia.com/", "modified": "2005-09-15T00:00:00", "published": "2005-09-15T00:00:00", "id": "SECURITYVULNS:DOC:9723", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:9723", "title": "[Full-disclosure] [SECURITY] [DSA 813-1] New centericq packages fix several vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}