Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2010 Greenbone AGOPENVAS:1361412562310800423
HistoryJan 16, 2010 - 12:00 a.m.

Pidgin MSN Protocol Plugin DoS Vulnerability - Windows

2010-01-1600:00:00
Copyright (C) 2010 Greenbone AG
plugins.openvas.org
20

7.4 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.209 Low

EPSS

Percentile

96.3%

JSON

Pidgin is prone to a denial of service (DoS) vulnerability.

# SPDX-FileCopyrightText: 2010 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.800423");
  script_version("2024-02-15T05:05:39+0000");
  script_tag(name:"last_modification", value:"2024-02-15 05:05:39 +0000 (Thu, 15 Feb 2024)");
  script_tag(name:"creation_date", value:"2010-01-16 12:13:24 +0100 (Sat, 16 Jan 2010)");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_cve_id("CVE-2010-0277");
  script_name("Pidgin MSN Protocol Plugin DoS Vulnerability - Windows");
  script_xref(name:"URL", value:"http://www.openwall.com/lists/oss-security/2010/01/07/2");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2010 Greenbone AG");
  script_family("Denial of Service");
  script_dependencies("secpod_pidgin_detect_win.nasl");
  script_mandatory_keys("Pidgin/Win/Ver");
  script_tag(name:"impact", value:"Attackers can exploit this issue to cause a denial of service (memory corruption)
  or possibly have unspecified other impact via unknown vectors.");
  script_tag(name:"affected", value:"Pidgin version prior to 2.6.4 on Windows.");
  script_tag(name:"insight", value:"This issue is due to an error in 'slp.c' within the 'MSN protocol plugin'
  in 'libpurple' when processing MSN request.");
  script_tag(name:"solution", value:"Upgrade to Pidgin version 2.6.6 or later.");
  script_tag(name:"summary", value:"Pidgin is prone to a denial of service (DoS) vulnerability.");
  script_tag(name:"qod_type", value:"registry");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}

include("version_func.inc");

pidginVer = get_kb_item("Pidgin/Win/Ver");
if(pidginVer != NULL)
{
  if(version_is_less_equal(version:pidginVer, test_version:"2.6.4")){
    report = report_fixed_ver(installed_version:pidginVer, vulnerable_range:"Less than or equal to 2.6.4");
    security_message(port: 0, data: report);
  }
}

Related

openvas 37
securityvulns 4
veracode 1
prion 1
debiancve 1
ubuntucve 1
cve 1
fedora 7
oraclelinux 1
nessus 22
ubuntu 1
redhat 1
altlinux 2
seebug 1
centos 1
slackware 1
freebsd 1
debian 2
openvas
openvas
Pidgin MSN Protocol Plugin Denial Of Service Vulnerability (Windows)
2010-01-16 00:00:00
Pidgin < 2.6.6 MSN Protocol Plugin Denial Of Service Vulnerability - Linux
2010-01-16 00:00:00
Ubuntu Update for pidgin vulnerabilities USN-902-1
2010-03-02 00:00:00
securityvulns
securityvulns
HP Power Manager crossite request forgery
2011-02-14 00:00:00
[security bulletin] HPSBMA02629 SSRT100381 rev.1 - HP Power Manager &#40;HPPM&#41; Running on Linux and Windows, Cross Site Request Forgery &#40;CSRF&#41;
2011-02-14 00:00:00
Pidgin / Adium messenger multiple security vulnerabilities
2010-02-19 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:40:21
prion
prion
Memory corruption
2010-01-09 18:30:00
debiancve
debiancve
CVE-2010-0277
2010-01-09 18:30:00
ubuntucve
ubuntucve
CVE-2010-0277
2010-01-09 00:00:00
cve
cve
CVE-2010-0277
2010-01-09 18:30:00
fedora
fedora
[SECURITY] Fedora 13 Update: pidgin-2.6.6-1.fc13
2010-02-20 00:13:53
[SECURITY] Fedora 12 Update: pidgin-2.6.6-1.fc12
2010-02-20 00:26:26
[SECURITY] Fedora 12 Update: pidgin-2.7.0-2.fc12
2010-05-24 19:48:53
oraclelinux
oraclelinux
pidgin security update
2010-02-18 00:00:00
nessus
nessus
Solaris 10 (sparc) : 143317-03 (deprecated)
2013-12-28 00:00:00
Fedora 13 : pidgin-2.6.6-1.fc13 (2010-1934)
2010-07-01 00:00:00
Scientific Linux Security Update : pidgin on SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
ubuntu
ubuntu
Pidgin vulnerabilities
2010-02-22 00:00:00
redhat
redhat
(RHSA-2010:0115) Moderate: pidgin security update
2010-02-18 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package pidgin version 2.6.6-alt1
2010-02-22 00:00:00
Security fix for the ALT Linux 5 package pidgin-mini version 2.7.1-alt1
2010-06-13 00:00:00
seebug
seebug
Pidgin倚δΈͺζ‹’η»ζœεŠ‘ζΌζ΄ž
2010-03-02 00:00:00
centos
centos
finch, libpurple, pidgin security update
2010-02-20 00:04:47
slackware
slackware
[slackware-security] pidgin
2010-03-11 02:17:44
freebsd
freebsd
pidgin -- multiple remote denial of service vulnerabilities
2010-02-18 00:00:00
debian
debian
[Backports-security-announce] Security Update for pidgin
2010-02-18 22:27:39
[Backports-security-announce] Security Update for pidgin
2010-02-18 22:17:54

7.4 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.209 Low

EPSS

Percentile

96.3%

JSON
Related for OPENVAS:1361412562310800423
openvas37securityvulns4veracode1prion1debiancve1ubuntucve1cve1fedora7oraclelinux1nessus22ubuntu1redhat1altlinux2seebug1centos1slackware1freebsd1debian2