662 matches found
[SECURITY] Fedora 10 Update: pidgin-2.6.0-1.fc10
Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just...
CVE-2009-2435
The Sametime server in IBM Lotus Instant Messaging and Web Conferencing 6.5.1 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to enumerate valid usernames...
CVE-2009-2435
The Sametime server in IBM Lotus Instant Messaging and Web Conferencing 6.5.1 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to enumerate valid usernames...
CVE-2009-2435
The CVE-2009-2435 entry corresponds to IBM Lotus Sametime/Instant Messaging and Web Conferencing 6.5.1. The vulnerability arises from login error handling that produces different time delays depending on whether the target username exists, enabling remote attackers to enumerate valid usernames. I...
IBM Lotus Sametime用户名枚举漏洞
Bugraq ID: 35614 IBM Lotus Sametime是一款企业级即使消息和WEB会议应用程序。 IBM Lotus Sametime处理登录过程中提供的不同用户名处理存在问题,远程攻击者可以利用漏洞获得合法用户信息。 客户端提供合法用户名非法密码,其之后显示的'Invalid logon'错误消息会在5-8秒之后显示,而提供非法用户名和密码,错误会在1-3秒内提示,借此可以判断用户名是否合法。 IBM Lotus Instant Messaging and Web Conferencing 6.5.1 目前没有解决方案提供: http://www.ibm.com/...
IBM Lotus Sametime Instant Messaging and Web Conferencing
Different reply timeings in case for invalid username and password...
[Full-disclosure] Lotus Sametime User Enumeration Vulnerability - Security Advisory - SOS-09-004
Lotus Sametime User Enumeration Vulnerability - Security Advisory - SOS-09-004 Release Date. 9-Jul-2009 Vendor Notification Date. 2-Jun-2009 Product. IBM Lotus Instant Messaging and Web Conferencing Sametime Platform. Windows verified, possibly others Affected versions. IBM Lotus Instant Messagin...
Mandrake Security Advisory MDVSA-2009:147 (pidgin)
The remote host is missing an update to pidgin announced via advisory MDVSA-2009:147. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
FreeBSD : pidgin -- multiple vulnerabilities (b1ca65e6-5aaf-11de-bc9b-0030843d3802)
Secunia reports : Some vulnerabilities and weaknesses have been reported in Pidgin, which can be exploited by malicious people to cause a DoS or to potentially compromise a user's system. A truncation error in the processing of MSN SLP messages can be exploited to cause a buffer overflow. A...
Ubuntu USN-781-1 (pidgin)
The remote host is missing an update to pidgin announced via advisory USN-781-1. OpenVAS Vulnerability Test $Id: ubuntu7811.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7811.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-781-1 pidgin Authors: Thomas Rein...
Ubuntu: Security Advisory (USN-781-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 8.04 LTS / 8.10 / 9.04 : pidgin vulnerabilities (USN-781-1)
It was discovered that Pidgin did not properly handle certain malformed messages when sending a file using the XMPP protocol handler. If a user were tricked into sending a file, a remote attacker could send a specially crafted response and cause Pidgin to crash, or possibly execute arbitrary code...
USN-781-1: Pidgin vulnerabilities
It was discovered that Pidgin did not properly handle certain malformed messages when sending a file using the XMPP protocol handler. If a user were tricked into sending a file, a remote attacker could send a specially crafted response and cause Pidgin to crash, or possibly execute arbitrary code...
[SECURITY] Fedora 10 Update: pidgin-2.5.6-1.fc10
Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just...
Pidgin Multiple Buffer Overflow Vulnerabilities (Linux)
This host has installed pidgin and is prone to Multiple Buffer Overflow Vulnerabilities OpenVAS Vulnerability Test $Id: secpodpidginmulbofvulnlin.nasl 5122 2017-01-27 12:16:00Z teissa $ Pidgin Multiple Buffer Overflow Vulnerabilities Linux Authors: Antu Sanadi Copyright: Copyright c 2009 SecPod,...
CVE-2009-1375
The PurpleCircBuffer implementation in Pidgin formerly Gaim before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service memory corruption and application crash via vectors involving the 1 XMPP or 2 Sametime protocol...
CVE-2009-1375
The PurpleCircBuffer implementation in Pidgin formerly Gaim before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service memory corruption and application crash via vectors involving the 1 XMPP or 2 Sametime protocol...
Memory corruption
The PurpleCircBuffer implementation in Pidgin formerly Gaim before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service memory corruption and application crash via vectors involving the 1 XMPP or 2 Sametime protocol...
CVE-2009-1375
The PurpleCircBuffer implementation in Pidgin formerly Gaim before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service memory corruption and application crash via vectors involving the 1 XMPP or 2 Sametime protocol...
CVE-2009-1375
CVE-2009-1375 concerns the PurpleCircBuffer expansion in Pidgin (formerly Gaim) up to 2.5.6. When the buffer is full, data can be corrupted, potentially causing a crash or misleading UI. Connected advisories indicate pidgin updates (e.g., to version 2.6.x) fix this and related issues (XMPP/Sameti...