SuSE 10 Security Update : finch, libpurple, and pidgin (ZYPP Patch Number 8131)

NASLDB: SuSE 10 Security Update : finch, libpurple, and pidgin (ZYPP Patch Number 8131)

General

ID: 59682
Name: SuSE 10 Security Update : finch, libpurple, and pidgin (ZYPP Patch Number 8131)

Summary: Checks rpm output for the updated packages

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS Temporal Vector: –

Port: 0
Family: SuSE Local Security Checks
Type: Local

Description

Various remote triggerable crashes in pidgin have been fixed :

– In some situations the MSN server sends text that isn’t
UTF-8 encoded, and Pidgin fails to verify the text’s
encoding. In some cases this can lead to a crash when
attempting to display the text (). (CVE-2012-1178)

– Incoming messages with certain characters or character
encodings can cause clients to crash. (CVE-2012-1178 /
CVE-2012-2318)

– A series of specially crafted file transfer requests can
cause clients to reference invalid memory. The user must
have accepted one of the file transfer requests.
(CVE-2012-2214)

Exploiting

Exploit Available: –
Exploitability Ease: –

Sources

CVE: CVE-2012-1178
OSVDB: –
Bugtraq: –
scipID: –

Timeline

Vulnerability Disclosure: –
Patch Release: 2012/05/15
Plugin Release: 2012/06/25

Plugin

Version: 1.1
Filename: suse_finch-8131.nasl
Filesize: 3540 bytes
MD5 Hash: e5ee85dd08887151744754947033900c

Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list
Dependencies: "ssh_get_info.nasl"

Letzte Plugins

Letzte Plugins

scip AG