112 matches found
gaim
New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1, and -current to fix some security issues. including: AIM/ICQ away message buffer overflow AIM/ICQ non-UTF-8 filename crash Gadu-Gadu memory alignment bug Sites that use GAIM should upgrade to the new version. More details about...
USN-168-1: Gaim vulnerabilities
Daniel Atallah discovered a Denial of Service vulnerability in the file transfer handler of OSCAR the module that handles various instant messaging protocols like ICQ. A remote attacker could crash the Gaim client of an user by attempting to send him a file with a name that contains invalid UTF-8...
USN-162-1: ekg and Gadu library vulnerabilities
Marcin Owsiany and Wojtek Kaniewski discovered that some contributed scripts contrib/ekgh, contrib/ekgnv.sh, and contrib/getekg.sh in the ekg package created temporary files in an insecure way, which allowed exploitation of a race condition to create or overwrite files with the privileges of the...
Debian DSA-769-1 : gaim - memory alignment bug
Szymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in libgadu from ekg, console Gadu Gadu client, an instant messaging program which is included in gaim, a multi-protocol instant messaging client, as well. This can not be exploited on the x86 architecture but on others,...
[SECURITY] [DSA 769-1] New gaim packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 769-1 [email protected] http://www.debian.org/security/ Martin Schulze July 29th, 2005 http://www.debian.org/security/faq -...
DSA-769-1 gaim - memory alignment bug
Bulletin has no description...
CVE-2005-2370
Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service bus error on certain architectures such as SPARC via an incoming message...
CVE-2005-2370
Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service bus error on certain architectures such as SPARC via an incoming message...
CVE-2005-2370
CVE-2005-2370 refers to memory alignment errors in libgadu, exploited by processing an incoming message to trigger a denial of service on architectures such as SPARC. The vulnerability affects the libgadu-based components used by programs like ekg (before 1.6rc2) and Gaim (before 1.5.0), among ot...
security flaw
Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service bus error on certain architectures such as SPARC via an incoming message...
libgadu -- multiple vulnerabilities
Wojtek Kaniewski reports: Multiple vulnerabilities have been found in libgadu, a library for handling Gadu-Gadu instant messaging protocol. It is a part of ekg, a Gadu-Gadu client, but is widely used in other clients. Also some of the user contributed scripts were found to behave in an insecure...
irssi - potential remote crash
irssi 0.8.9 release fixes a vulnerability that allows normal IRC users to remotely crash another user's irssi client, provided that either of these conditions is met: a irssi is running on an architecture that requires memory alignmentation ie. not x86 b "gui print text" signal is being used by...