MiracleLinux 7 : pidgin-2.10.11-5.el7 (AXSA:2017-1913:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2017-1913:01 advisory. Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell...

Linux Distros Unpatched Vulnerability : CVE-2014-3698

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The jabberidnvalidate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive...

Huawei EulerOS: Security Advisory for pidgin (EulerOS-SA-2017-1165)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for pidgin (EulerOS-SA-2017-1166)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 7 : pidgin (CESA-2017:1854)

An update for pidgin is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Oracle Linux 7 : pidgin (ELSA-2017-1854)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-1854 advisory. - Add patch for CVE-2017-2640 Resolves: 1431022 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

Fedora 21 : pidgin-2.10.10-2.fc21 (2014-14112)

fix build on arches without valgrind Update to 2.10.10 Security fix for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3698 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically...

Fedora 20 : pidgin-2.10.10-1.fc20 (2014-14069)

Update to 2.10.10 Security fix for CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3698 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...

Fedora Update for pidgin FEDORA-2014-14069

Check the version of pidgin SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868472";...

[USN-2390-1] Pidgin vulnerabilities

========================================================================== Ubuntu Security Notice USN-2390-1 October 28, 2014 pidgin vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVE-2014-3698

The jabberidnvalidate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message...

CVE-2014-3698

CVE-2014-3698 affects Pidgin/libpurple (Jabber/XMPP) via the jabber_idn_validate function in jutil.c. A crafted XMPP message can cause the process to disclose memory belonging to the pidgin process (information disclosure). Upstream references and security advisories document this alongside relat...

CVE-2014-3698

The jabberidnvalidate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message...

CVE-2014-3698

The jabberidnvalidate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message...

Updated pidgin packages fix security vulnerabilities

In Pidgin before 2.10.10, both of libpurple's bundled SSL/TLS plugins one for GnuTLS and one for NSS failed to check that the Basic Constraints extension allowed intermediate certificates to act as CAs. This allowed anyone with any valid certificate to create a fake certificate for any arbitrary...

[slackware-security] pidgin

New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: pidgin-2.10.10-i486-1slack14.1.txz: Upgraded. This update fixes several security issues: Insufficient SSL certificate...

FreeBSD : libpurple/pidgin -- multiple vulnerabilities (d057c5e6-5b20-11e4-bebd-000c2980a9f3)

The pidgin development team reports : . %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacques Vidrine and contributors Redistribution and use in source VuXML and...

[SECURITY] [DSA 3055-1] pidgin security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3055-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 23, 2014 http://www.debian.org/security/faq -...

CVE-2014-3698

The jabberidnvalidate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message...

KLA10448 Multiple Pidgin vulnerabilities

Multiple serious vulnerabilities have been found in Pidgin. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information and write local files. Below is a complete list of vulnerabilities 1. Vectors related to Jabber protocol can be exploited remotely...