openSUSE Security Update : pidgin (openSUSE-2011-35)

specially crafted SILC messages could crash libpurple CVE-2011-3594 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2011-35. The text description of this plugin is C SUSE LLC...

openSUSE Security Update : finch (openSUSE-SU-2011:1291-1)

This update fixes the following security issues : - 722199: libpurple vulnerability in SILC protocol handling CVE-2011-3594 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update finch-5485. The text...

openSUSE Security Update : finch (openSUSE-SU-2011:1291-1)

This update fixes the following security issues : - 722199: libpurple vulnerability in SILC protocol handling CVE-2011-3594 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update finch-5485. The text...

Oracle Linux 4 : pidgin (ELSA-2011-1371)

From Red Hat Security Advisory 2011:1371 : Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...

Gentoo Security Advisory GLSA 201206-11 (Pidgin)

The remote host is missing updates announced in advisory GLSA 201206-11. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Scientific Linux Security Update : pidgin on SL4.x, SL5.x i386/x86_64

Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. An input sanitization flaw was found in the way the Pidgin SILC Secure Internet Live Conferencing protocol plug-in escaped certain UTF-8 characters. A remote attacke...

Fedora Update for pidgin FEDORA-2012-10294

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for pidgin FEDORA-2012-8686

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for pidgin FEDORA-2012-8686

Check for the Version of pidgin OpenVAS Vulnerability Test Fedora Update for pidgin FEDORA-2012-8686 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

Fedora Update for pidgin FEDORA-2011-17558

Check for the Version of pidgin OpenVAS Vulnerability Test Fedora Update for pidgin FEDORA-2011-17558 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Fedora Update for pidgin FEDORA-2011-17558

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for pidgin FEDORA-2012-4595

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Security fix for the ALT Linux 6 package pidgin version 2.10.1-alt0.M60P.1

March 13, 2012 Gleb Fotengauer-Malinovskiy 2.10.1-alt0.M60P.1 - p6 security update fix CVE-2011-3594 CVE-2011-4601 CVE-2011-4602 CVE-2011-4603...

Security fix for the ALT Linux 5 package pidgin version 2.10.1-alt0.M50P.1

March 13, 2012 Gleb Fotengauer-Malinovskiy 2.10.1-alt0.M50P.1 - p5 security update fix CVE-2011-3594 CVE-2011-4601 CVE-2011-4602 CVE-2011-4603...

Security fix for the ALT Linux 6 package pidgin version 2.10.1-alt1

Jan. 10, 2012 Alexey Shabalin 2.10.1-alt1 - 2.10.1 fixed CVE-2011-3594,CVE-2011-4601,CVE-2011-4602,CVE-2011-4603...

Security fix for the ALT Linux 5 package pidgin version 2.10.1-alt1

Jan. 10, 2012 Alexey Shabalin 2.10.1-alt1 - 2.10.1 fixed CVE-2011-3594,CVE-2011-4601,CVE-2011-4602,CVE-2011-4603...

SuSE 11.1 Security Update : pidgin, libpurple and finch (SAT Patch Number 5389)

This update fixes the following security issues : - 604225: MSN emoticon DoS. CVE-2010-1624 - 648273: multiple NULL pointer dereference weaknesses. CVE-2010-3711 - 722199: vulnerability in SILC protocol handling CVE-2011-3594 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive te...

[USN-1273-1] Pidgin vulnerabilities

========================================================================== Ubuntu Security Notice USN-1273-1 November 21, 2011 pidgin vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

Pidgin "silc_private_message()"拒绝服务漏洞

BUGTRAQ ID: 49912 CVE ID: CVE-2011-3594 Pidgin是支持多种协议的即时通讯客户端。 Pidgin中使用的libpurple 2.10.0及更早版本的SILC协议插件中的gmarkupescapetext函数，允许远程攻击者通过无效的UTF-8序列造成拒绝服务。 Pidgin 2.10.0 厂商补丁： Pidgin ------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://pidgin.im/pidgin/home/...

CVE-2011-3594

CVE-2011-3594 affects the Pidgin/libpurple SILC protocol plug-in (libpurple 2.10.0 and earlier). The issue: remote sending of certain SILC messages with invalid UTF-8 sequences can trigger use-after-free/invalid-pointer and out-of-bounds reads, crashing Pidgin. Public advisories show downstream p...