Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2009 E-Soft Inc.OPENVAS:136141256231066109
HistoryOct 27, 2009 - 12:00 a.m.

Gentoo Security Advisory GLSA 200910-02 (pidgin)

2009-10-2700:00:00
Copyright (C) 2009 E-Soft Inc.
plugins.openvas.org
9

7.8 High

AI Score

Confidence

High

0.203 Low

EPSS

Percentile

96.4%

JSON

The remote host is missing updates announced in
advisory GLSA 200910-02.

# SPDX-FileCopyrightText: 2009 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.66109");
  script_version("2023-07-19T05:05:15+0000");
  script_tag(name:"last_modification", value:"2023-07-19 05:05:15 +0000 (Wed, 19 Jul 2023)");
  script_tag(name:"creation_date", value:"2009-10-27 01:37:56 +0100 (Tue, 27 Oct 2009)");
  script_cve_id("CVE-2009-1376", "CVE-2009-1889", "CVE-2009-2694", "CVE-2009-3026");
  script_tag(name:"cvss_base", value:"10.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_name("Gentoo Security Advisory GLSA 200910-02 (pidgin)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2009 E-Soft Inc.");
  script_family("Gentoo Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/gentoo", "ssh/login/pkg");
  script_tag(name:"insight", value:"Multiple vulnerabilities have been discovered in Pidgin, leading to the
    remote execution of arbitrary code, unauthorized information
disclosure, or
    Denial of Service.");
  script_tag(name:"solution", value:"All Pidgin users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose =net-im/pidgin-2.5.9-r1");

  script_xref(name:"URL", value:"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200910-02");
  script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=276000");
  script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=281545");
  script_xref(name:"URL", value:"http://bugs.gentoo.org/show_bug.cgi?id=283324");
  script_xref(name:"URL", value:"http://www.gentoo.org/security/en/glsa/glsa-200905-07.xml");
  script_tag(name:"summary", value:"The remote host is missing updates announced in
advisory GLSA 200910-02.");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");

  exit(0);
}

include("pkg-lib-gentoo.inc");
include("revisions-lib.inc");

res = "";
report = "";
report = "";
if ((res = ispkgvuln(pkg:"net-im/pidgin", unaffected: make_list("ge 2.5.9-r1"), vulnerable: make_list("lt 2.5.9-r1"))) != NULL) {
    report += res;
}

if (report != "") {
    security_message(data:report);
} else if (__pkg_match) {
    exit(99);
}

Related

openvas 74
nessus 49
gentoo 1
ubuntucve 4
prion 4
cvelist 4
debiancve 4
cve 4
securityvulns 7
debian 4
coresecurity 1
veracode 4
redhat 3
seebug 4
ubuntu 4
fedora 10
oraclelinux 4
centos 3
altlinux 2
zdi 1
slackware 1
exploitpack 1
packetstorm 1
cert 1
freebsd 2
osv 1
exploitdb 1
openvas
openvas
Gentoo Security Advisory GLSA 200910-02 (pidgin)
2009-10-27 00:00:00
FreeBSD Ports: pidgin, libpurple, finch
2009-09-02 00:00:00
FreeBSD Ports: pidgin, libpurple, finch
2009-09-02 00:00:00
nessus
nessus
GLSA-200910-02 : Pidgin: Multiple vulnerabilities
2009-10-23 00:00:00
CentOS 3 / 5 : pidgin (CESA-2009:1218)
2009-08-20 00:00:00
RHEL 3 / 4 / 5 : pidgin (RHSA-2009:1218)
2009-08-20 00:00:00
gentoo
gentoo
Pidgin: Multiple vulnerabilities
2009-10-22 00:00:00
ubuntucve
ubuntucve
CVE-2009-2694
2009-08-21 00:00:00
CVE-2009-1889
2009-07-01 00:00:00
CVE-2009-3026
2009-08-31 00:00:00
prion
prion
Memory corruption
2009-08-21 11:02:00
Design/Logic Flaw
2009-07-01 13:00:00
Design/Logic Flaw
2009-08-31 20:30:00
cvelist
cvelist
CVE-2009-2694
2009-08-20 22:00:00
CVE-2009-1889
2009-07-01 12:26:00
CVE-2009-3026
2009-08-31 20:00:00
debiancve
debiancve
CVE-2009-2694
2009-08-21 11:02:00
CVE-2009-1889
2009-07-01 13:00:00
CVE-2009-3026
2009-08-31 20:30:00
cve
cve
CVE-2009-2694
2009-08-21 11:02:00
CVE-2009-1889
2009-07-01 13:00:00
CVE-2009-3026
2009-08-31 20:30:00
securityvulns
securityvulns
CORE-2009-0727: Libpurple msn_slplink_process_msg() Arbitrary Write Vulnerability
2009-08-19 00:00:00
[ MDVSA-2009:230 ] pidgin
2009-09-14 00:00:00
Pidgin instant messenger DoS
2009-07-07 00:00:00
debian
debian
[SECURITY] [DSA 1870-1] New pidgin packages fix arbitrary code execution
2009-08-19 22:33:52
[Backports-security-announce] Security Update for pidgin
2009-07-29 21:34:44
[Backports-security-announce] Security Update for pidgin
2009-07-29 21:34:46
coresecurity
coresecurity
Libpurple msn_slplink_process_msg() Arbitrary Write Vulnerability
2009-08-18 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:33:20
Arbitrary Code Execution
2020-04-10 00:33:22
Arbitrary Code Execution
2020-04-10 00:40:57
redhat
redhat
(RHSA-2009:1139) Moderate: pidgin security and bug fix update
2009-07-02 00:00:00
(RHSA-2009:1218) Critical: pidgin security update
2009-08-18 00:00:00
(RHSA-2009:1059) Important: pidgin security update
2009-05-22 00:00:00
seebug
seebug
pidgin特制ICQ Web消息拒绝服务漏洞
2009-07-02 00:00:00
Pidgin MSN <= 2.5.8 - Remote Code Execution Exploit
2014-07-01 00:00:00
Pidgin Libpurple库msn_slplink_process_msg()函数内存破坏漏洞
2009-08-21 00:00:00
ubuntu
ubuntu
Pidgin vulnerability
2009-07-06 00:00:00
Pidgin vulnerability
2009-08-20 00:00:00
Gaim vulnerabilities
2009-06-03 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: pidgin-2.5.8-1.fc10
2009-07-03 19:47:21
[SECURITY] Fedora 11 Update: pidgin-2.5.8-1.fc11
2009-07-03 19:45:03
[SECURITY] Fedora 9 Update: pidgin-2.5.8-1.fc9
2009-07-03 19:55:45
oraclelinux
oraclelinux
pidgin security and bug fix update
2009-07-02 00:00:00
pidgin security update
2009-08-18 00:00:00
pidgin security update
2009-09-21 00:00:00
centos
centos
finch, libpurple, pidgin security update
2009-07-02 23:47:40
finch, libpurple, pidgin security update
2009-08-18 19:24:05
pidgin security update
2009-05-22 14:04:17
altlinux
altlinux
Security fix for the ALT Linux 5 package pidgin-mini version 2.5.8-alt1
2009-07-10 00:00:00
Security fix for the ALT Linux 5 package pidgin-mini version 2.6.1-alt1
2009-08-19 00:00:00
zdi
zdi
Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability
2009-06-08 00:00:00
slackware
slackware
pidgin
2009-08-19 18:56:17
exploitpack
exploitpack
Pidgin MSN 2.5.8 - Remote Code Execution
2009-09-09 00:00:00
packetstorm
packetstorm
Pidgin MSN 2.5.8 Code Execution
2009-09-10 00:00:00
cert
cert
Libpurple buffer overflow vulnerability
2009-08-21 00:00:00
freebsd
freebsd
pidgin -- MSN overflow parsing SLP messages
2009-08-18 00:00:00
pidgin -- multiple vulnerabilities
2009-06-03 00:00:00
osv
osv
pidgin - insufficient input sanitization
2009-08-19 00:00:00
exploitdb
exploitdb
Pidgin MSN 2.5.8 - Remote Code Execution
2009-09-09 00:00:00

7.8 High

AI Score

Confidence

High

0.203 Low

EPSS

Percentile

96.4%

JSON
Related for OPENVAS:136141256231066109
openvas74nessus49gentoo1ubuntucve4prion4cvelist4debiancve4cve4securityvulns7debian4coresecurity1veracode4redhat3seebug4ubuntu4fedora10oraclelinux4centos3altlinux2zdi1slackware1exploitpack1packetstorm1cert1freebsd2osv1exploitdb1