CVE-2009-1376 - Numeric Errors vulnerability in Pidgin

CVSS 0.0 - NONE
Attack vector: UNKNOWN
Attack complexity: UNKNOWN
Privileges required: UNKNOWN
Confidentiality impact: UNKNOWN
Integrity impact: UNKNOWN
Availability impact: UNKNOWN
pidgin
CWE-189
nessus
exploit available

Summary

Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, leading to buffer overflows. NOTE: this issue exists because of an incomplete fix for CVE-2008-2927.

Common Weakness Enumeration (CWE)

Exploit-Db

description: Pidgin MSN <= 2.5.8 Remote Code Execution Exploit. CVE-2009-1376, CVE-2009-2694. Remote exploit for windows platform
file: exploits/windows/remote/9615.jar
id: EDB-ID:9615
last seen: 2016-02-01
modified: 2009-09-09
platform: windows
port:
published: 2009-09-09
reporter: Pierre Nogues
source: https://www.exploit-db.com/download/9615/
title: Pidgin MSN <= 2.5.8 - Remote Code Execution Exploit
type: remote

Nessus

  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-1870.NASL
    description: Federico Muttis discovered that libpurple, the shared library that adds support for various instant messaging networks to the pidgin IM client, is vulnerable to a heap-based buffer overflow. This issue exists because of an incomplete fix for CVE-2008-2927 and CVE-2009-1376. An attacker can exploit this by sending two consecutive SLP packets to a victim via MSN. The first packet is used to create an SLP message object with an offset of zero, the second packet then contains a crafted offset which hits the vulnerable code originally fixed in CVE-2008-2927 and CVE-2009-1376 and allows an attacker to execute arbitrary code. Note: Users with the
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 44735
    published: 2010-02-24
    reporter: This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/44735
    title: Debian DSA-1870-1 : pidgin - insufficient input validation
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-1870. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(44735);
      script_version("1.12");
      script_cvs_date("Date: 2019/08/02 13:32:22");
    
      script_cve_id("CVE-2009-2694");
      script_bugtraq_id(36071);
      script_xref(name:"DSA", value:"1870");
    
      script_name(english:"Debian DSA-1870-1 : pidgin - insufficient input validation");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Federico Muttis discovered that libpurple, the shared library that
    adds support for various instant messaging networks to the pidgin IM
    client, is vulnerable to a heap-based buffer overflow. This issue
    exists because of an incomplete fix for CVE-2008-2927 and
    CVE-2009-1376. An attacker can exploit this by sending two consecutive
    SLP packets to a victim via MSN.
    
    The first packet is used to create an SLP message object with an
    offset of zero, the second packet then contains a crafted offset which
    hits the vulnerable code originally fixed in CVE-2008-2927 and
    CVE-2009-1376 and allows an attacker to execute arbitrary code.
    
    Note: Users with the 'Allow only the users below' setting are not
    vulnerable to this attack. If you can't install the below updates you
    may want to set this via Tools->Privacy."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-2927"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2009-1376"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-2927"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2009-1376"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2009/dsa-1870"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the pidgin packages.
    
    For the stable distribution (lenny), this problem has been fixed in
    version 2.4.3-4lenny3."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:pidgin");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:5.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/08/19");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"5.0", prefix:"finch", reference:"2.4.3-4lenny3")) flag++;
    if (deb_check(release:"5.0", prefix:"finch-dev", reference:"2.4.3-4lenny3")) flag++;
    if (deb_check(release:"5.0", prefix:"libpurple-bin", reference:"2.4.3-4lenny3")) flag++;
    if (deb_check(release:"5.0", prefix:"libpurple-dev", reference:"2.4.3-4lenny3")) flag++;
    if (deb_check(release:"5.0", prefix:"libpurple0", reference:"2.4.3-4lenny3")) flag++;
    if (deb_check(release:"5.0", prefix:"pidgin", reference:"2.4.3-4lenny3")) flag++;
    if (deb_check(release:"5.0", prefix:"pidgin-data", reference:"2.4.3-4lenny3")) flag++;
    if (deb_check(release:"5.0", prefix:"pidgin-dbg", reference:"2.4.3-4lenny3")) flag++;
    if (deb_check(release:"5.0", prefix:"pidgin-dev", reference:"2.4.3-4lenny3")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL family: CentOS Local Security Checks
    NASL id: CENTOS_RHSA-2009-1060.NASL
    description: Updated pidgin packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A buffer overflow flaw was found in the way Pidgin initiates file transfers when using the Extensible Messaging and Presence Protocol (XMPP). If a Pidgin client initiates a file transfer, and the remote target sends a malformed response, it could cause Pidgin to crash or, potentially, execute arbitrary code with the permissions of the user running Pidgin. This flaw only affects accounts using XMPP, such as Jabber and Google Talk. (CVE-2009-1373) A denial of service flaw was found in Pidgin
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 43751
    published: 2010-01-06
    reporter: This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/43751
    title: CentOS 4 / 5 : pidgin (CESA-2009:1060)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2009:1060 and 
    # CentOS Errata and Security Advisory 2009:1060 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(43751);
      script_version("1.18");
      script_cvs_date("Date: 2019/10/25 13:36:04");
    
      script_cve_id("CVE-2008-2927", "CVE-2009-1373", "CVE-2009-1374", "CVE-2009-1375", "CVE-2009-1376", "CVE-2009-2694");
      script_bugtraq_id(35067);
      script_xref(name:"RHSA", value:"2009:1060");
    
      script_name(english:"CentOS 4 / 5 : pidgin (CESA-2009:1060)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated pidgin packages that fix several security issues are now
    available for Red Hat Enterprise Linux 4 and 5.
    
    This update has been rated as having important security impact by the
    Red Hat Security Response Team.
    
    Pidgin is an instant messaging program which can log in to multiple
    accounts on multiple instant messaging networks simultaneously.
    
    A buffer overflow flaw was found in the way Pidgin initiates file
    transfers when using the Extensible Messaging and Presence Protocol
    (XMPP). If a Pidgin client initiates a file transfer, and the remote
    target sends a malformed response, it could cause Pidgin to crash or,
    potentially, execute arbitrary code with the permissions of the user
    running Pidgin. This flaw only affects accounts using XMPP, such as
    Jabber and Google Talk. (CVE-2009-1373)
    
    A denial of service flaw was found in Pidgin's QQ protocol decryption
    handler. When the QQ protocol decrypts packet information, heap data
    can be overwritten, possibly causing Pidgin to crash. (CVE-2009-1374)
    
    A flaw was found in the way Pidgin's PurpleCircBuffer object is
    expanded. If the buffer is full when more data arrives, the data
    stored in this buffer becomes corrupted. This corrupted data could
    result in confusing or misleading data being presented to the user, or
    possibly crash Pidgin. (CVE-2009-1375)
    
    It was discovered that on 32-bit platforms, the Red Hat Security
    Advisory RHSA-2008:0584 provided an incomplete fix for the integer
    overflow flaw affecting Pidgin's MSN protocol handler. If a Pidgin
    client receives a specially crafted MSN message, it may be possible to
    execute arbitrary code with the permissions of the user running
    Pidgin. (CVE-2009-1376)
    
    Note: By default, when using an MSN account, only users on your buddy
    list can send you messages. This prevents arbitrary MSN users from
    exploiting this flaw.
    
    All Pidgin users should upgrade to these updated packages, which
    contain backported patches to resolve these issues. Pidgin must be
    restarted for this update to take effect."
      );
      # https://lists.centos.org/pipermail/centos-announce/2009-May/015891.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?8f0ad1a5"
      );
      # https://lists.centos.org/pipermail/centos-announce/2009-May/015892.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?7b25971e"
      );
      # https://lists.centos.org/pipermail/centos-announce/2009-May/015937.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?8266309b"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected pidgin packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_cwe_id(119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:finch");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:finch-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libpurple");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libpurple-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libpurple-perl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libpurple-tcl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:pidgin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:pidgin-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:pidgin-perl");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:4");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2008/07/07");
      script_set_attribute(attribute:"patch_publication_date", value:"2009/05/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/01/06");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 4.x / 5.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"finch-2.5.5-2.el4")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"finch-devel-2.5.5-2.el4")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"libpurple-2.5.5-2.el4")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"libpurple-devel-2.5.5-2.el4")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"libpurple-perl-2.5.5-2.el4")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"libpurple-tcl-2.5.5-2.el4")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"pidgin-2.5.5-2.el4")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"pidgin-devel-2.5.5-2.el4")) flag++;
    if (rpm_check(release:"CentOS-4", cpu:"ia64", reference:"pidgin-perl-2.5.5-2.el4")) flag++;
    
    if (rpm_check(release:"CentOS-5", reference:"finch-2.5.5-3.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"finch-devel-2.5.5-3.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"libpurple-2.5.5-3.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"libpurple-devel-2.5.5-3.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"libpurple-perl-2.5.5-3.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"libpurple-tcl-2.5.5-3.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"pidgin-2.5.5-3.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"pidgin-devel-2.5.5-3.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"pidgin-perl-2.5.5-3.el5")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "finch / finch-devel / libpurple / libpurple-devel / libpurple-perl / etc");
    }
    
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2009-5583.NASL
    description: This is a bugfix & security fix release of Pidgin. The full ChangeLog is available at http://developer.pidgin.im/wiki/ChangeLog Details of the security fixes included are available at http://www.pidgin.im/news/security/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 38996
    published: 2009-06-03
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/38996
    title: Fedora 11 : pidgin-2.5.6-1.fc11 (2009-5583)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2009-5583.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(38996);
      script_version ("1.15");
      script_cvs_date("Date: 2019/08/02 13:32:30");
    
      script_cve_id("CVE-2008-2927", "CVE-2009-1373", "CVE-2009-1374", "CVE-2009-1375", "CVE-2009-1376");
      script_xref(name:"FEDORA", value:"2009-5583");
    
      script_name(english:"Fedora 11 : pidgin-2.5.6-1.fc11 (2009-5583)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This is a bugfix & security fix release of Pidgin. The full ChangeLog
    is available at http://developer.pidgin.im/wiki/ChangeLog Details of
    the security fixes included are available at
    http://www.pidgin.im/news/security/
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      # http://developer.pidgin.im/wiki/ChangeLog
      script_set_attribute(
        attribute:"see_also",
        value:"https://developer.pidgin.im/wiki/ChangeLog"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.pidgin.im/news/security/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=500488"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=500490"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=500491"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=500493"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2009-June/024432.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?61751bdd"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected pidgin package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_cwe_id(119, 189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:pidgin");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2009/05/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/06/03");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^11([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 11.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC11", reference:"pidgin-2.5.6-1.fc11")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "pidgin");
    }
    
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2009-1059.NASL
    description: An updated pidgin package that fixes two security issues is now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A buffer overflow flaw was found in the way Pidgin initiates file transfers when using the Extensible Messaging and Presence Protocol (XMPP). If a Pidgin client initiates a file transfer, and the remote target sends a malformed response, it could cause Pidgin to crash or, potentially, execute arbitrary code with the permissions of the user running Pidgin. This flaw only affects accounts using XMPP, such as Jabber and Google Talk. (CVE-2009-1373) It was discovered that on 32-bit platforms, the Red Hat Security Advisory RHSA-2008:0584 provided an incomplete fix for the integer overflow flaw affecting Pidgin
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 38871
    published: 2009-05-23
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/38871
    title: RHEL 3 : pidgin (RHSA-2009:1059)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2009:1059. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(38871);
      script_version ("1.25");
      script_cvs_date("Date: 2019/10/25 13:36:14");
    
      script_cve_id("CVE-2008-2927", "CVE-2009-1373", "CVE-2009-1376");
      script_bugtraq_id(35067);
      script_xref(name:"RHSA", value:"2009:1059");
    
      script_name(english:"RHEL 3 : pidgin (RHSA-2009:1059)");
      script_summary(english:"Checks the rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An updated pidgin package that fixes two security issues is now
    available for Red Hat Enterprise Linux 3.
    
    This update has been rated as having important security impact by the
    Red Hat Security Response Team.
    
    Pidgin is an instant messaging program which can log in to multiple
    accounts on multiple instant messaging networks simultaneously.
    
    A buffer overflow flaw was found in the way Pidgin initiates file
    transfers when using the Extensible Messaging and Presence Protocol
    (XMPP). If a Pidgin client initiates a file transfer, and the remote
    target sends a malformed response, it could cause Pidgin to crash or,
    potentially, execute arbitrary code with the permissions of the user
    running Pidgin. This flaw only affects accounts using XMPP, such as
    Jabber and Google Talk. (CVE-2009-1373)
    
    It was discovered that on 32-bit platforms, the Red Hat Security
    Advisory RHSA-2008:0584 provided an incomplete fix for the integer
    overflow flaw affecting Pidgin's MSN protocol handler. If a Pidgin
    client receives a specially crafted MSN message, it may be possible to
    execute arbitrary code with the permissions of the user running
    Pidgin. (CVE-2009-1376)
    
    Note: By default, when using an MSN account, only users on your buddy
    list can send you messages. This prevents arbitrary MSN users from
    exploiting this flaw.
    
    All Pidgin users should upgrade to this update package, which contains
    backported patches to resolve these issues. Pidgin must be restarted
    for this update to take effect."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-1373"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2009-1376"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2009:1059"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected pidgin package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(119, 189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pidgin");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2008/07/07");
      script_set_attribute(attribute:"patch_publication_date", value:"2009/05/22");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/05/23");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 3.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2009:1059";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL3", reference:"pidgin-1.5.1-3.el3")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "pidgin");
      }
    }
    
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_11_0_FINCH-090709.NASL
    description: Several bugfixes were done for the Instant Messenger Pidgin: - Malformed responses to file transfers could cause a buffer overflow in pidgin (CVE-2009-1373) and specially crafted packets could crash it (CVE-2009-1375). - The fix against integer overflows in the msn protocol handling was incomplete (CVE-2009-1376). - Fixed misparsing ICQ message as SMS DoS (CVE-2009-1889, Pidgin#9483). Also the Yahoo IM protocol was made to work again.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 40336
    published: 2009-07-22
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/40336
    title: openSUSE Security Update : finch (finch-1088)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update finch-1088.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(40336);
      script_version("1.13");
      script_cvs_date("Date: 2019/10/25 13:36:34");
    
      script_cve_id("CVE-2009-1373", "CVE-2009-1375", "CVE-2009-1376", "CVE-2009-1889");
    
      script_name(english:"openSUSE Security Update : finch (finch-1088)");
      script_summary(english:"Check for the finch-1088 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Several bugfixes were done for the Instant Messenger Pidgin :
    
      - Malformed responses to file transfers could cause a
        buffer overflow in pidgin (CVE-2009-1373) and specially
        crafted packets could crash it (CVE-2009-1375).
    
      - The fix against integer overflows in the msn protocol
        handling was incomplete (CVE-2009-1376).
    
      - Fixed misparsing ICQ message as SMS DoS (CVE-2009-1889,
        Pidgin#9483).
    
    Also the Yahoo IM protocol was made to work again."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=404163"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=503447"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=517786"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=518301"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected finch packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_cwe_id(119, 189, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:finch");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:finch-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpurple");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpurple-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpurple-lang");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpurple-meanwhile");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libpurple-mono");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pidgin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:pidgin-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2009/05/26");
      script_set_attribute(attribute:"patch_publication_date", value:"2009/07/09");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/22");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.0", reference:"finch-2.4.1-28.9") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"finch-devel-2.4.1-28.9") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"libpurple-2.4.1-28.9") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"libpurple-devel-2.4.1-28.9") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"libpurple-lang-2.4.1-28.9") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"libpurple-meanwhile-2.4.1-28.9") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"libpurple-mono-2.4.1-28.9") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"pidgin-2.4.1-28.9") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"pidgin-devel-2.4.1-28.9") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "pidgin");
    }
    
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_GAIM-6350.NASL
    description: - malformed responses to file transfers could cause a buffer overflow in pidgin. (CVE-2009-1373) - the fix against integer overflows in the msn protocol handling was incomplete. (CVE-2009-1376) - certain ICQ message types could crash pidgin. (CVE-2009-1889)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 51744
    published: 2011-01-27
    reporter: This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/51744
    title: SuSE 10 Security Update : gaim (ZYPP Patch Number 6350)
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-1805.NASL
    description: Several vulnerabilities have been discovered in Pidgin, a graphical multi-protocol instant messaging client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-1373 A buffer overflow in the Jabber file transfer code may lead to denial of service or the execution of arbitrary code. - CVE-2009-1375 Memory corruption in an internal library may lead to denial of service. - CVE-2009-1376 The patch provided for the security issue tracked as CVE-2008-2927 - integer overflows in the MSN protocol handler - was found to be incomplete. The old stable distribution (etch) is affected under the source package name gaim. However, due to build problems the updated packages couldn
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 38878
    published: 2009-05-24
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/38878
    title: Debian DSA-1805-1 : pidgin - several vulnerabilities
  • NASL family: FreeBSD Local Security Checks
    NASL id: FREEBSD_PKG_B1CA65E65AAF11DEBC9B0030843D3802.NASL
    description: Secunia reports : Some vulnerabilities and weaknesses have been reported in Pidgin, which can be exploited by malicious people to cause a DoS or to potentially compromise a user
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 39426
    published: 2009-06-17
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/39426
    title: FreeBSD : pidgin -- multiple vulnerabilities (b1ca65e6-5aaf-11de-bc9b-0030843d3802)
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-200910-02.NASL
    description: The remote host is affected by the vulnerability described in GLSA-200910-02 (Pidgin: Multiple vulnerabilities) Multiple vulnerabilities were found in Pidgin: Yuriy Kaminskiy reported that the OSCAR protocol implementation in Pidgin misinterprets the ICQWebMessage message type as the ICQSMS message type, triggering an allocation of a large amount of memory (CVE-2009-1889). Federico Muttis of Core Security Technologies reported that the msn_slplink_process_msg() function in libpurple/protocols/msn/slplink.c in libpurple as used in Pidgin doesn
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 42214
    published: 2009-10-23
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/42214
    title: GLSA-200910-02 : Pidgin: Multiple vulnerabilities
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-886-1.NASL
    description: It was discovered that Pidgin did not properly handle certain topic messages in the IRC protocol handler. If a user were tricked into connecting to a malicious IRC server, an attacker could cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 8.04 LTS, Ubuntu 8.10 and Ubuntu 9.04. (CVE-2009-2703) It was discovered that Pidgin did not properly enforce the
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 44057
    published: 2010-01-19
    reporter: Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/44057
    title: Ubuntu 8.04 LTS / 8.10 / 9.04 / 9.10 : pidgin vulnerabilities (USN-886-1)
  • NASL family: CentOS Local Security Checks
    NASL id: CENTOS_RHSA-2009-1059.NASL
    description: An updated pidgin package that fixes two security issues is now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A buffer overflow flaw was found in the way Pidgin initiates file transfers when using the Extensible Messaging and Presence Protocol (XMPP). If a Pidgin client initiates a file transfer, and the remote target sends a malformed response, it could cause Pidgin to crash or, potentially, execute arbitrary code with the permissions of the user running Pidgin. This flaw only affects accounts using XMPP, such as Jabber and Google Talk. (CVE-2009-1373) It was discovered that on 32-bit platforms, the Red Hat Security Advisory RHSA-2008:0584 provided an incomplete fix for the integer overflow flaw affecting Pidgin
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 38868
    published: 2009-05-23
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/38868
    title: CentOS 3 : pidgin (CESA-2009:1059)
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-781-2.NASL
    description: It was discovered that Gaim did not properly handle certain malformed messages when sending a file using the XMPP protocol handler. If a user were tricked into sending a file, a remote attacker could send a specially crafted response and cause Gaim to crash, or possibly execute arbitrary code with user privileges. (CVE-2009-1373) It was discovered that Gaim did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges. (CVE-2009-1376). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 39313
    published: 2009-06-04
    reporter: Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/39313
    title: Ubuntu 6.06 LTS : gaim vulnerabilities (USN-781-2)
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2009-1218.NASL
    description: Updated pidgin packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. Federico Muttis of Core Security Technologies discovered a flaw in Pidgin
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 40639
    published: 2009-08-20
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/40639
    title: RHEL 3 / 4 / 5 : pidgin (RHSA-2009:1218)
  • NASL family: Scientific Linux Local Security Checks
    NASL id: SL_20090522_PIDGIN_ON_SL3_X.NASL
    description: A buffer overflow flaw was found in the way Pidgin initiates file transfers when using the Extensible Messaging and Presence Protocol (XMPP). If a Pidgin client initiates a file transfer, and the remote target sends a malformed response, it could cause Pidgin to crash or, potentially, execute arbitrary code with the permissions of the user running Pidgin. This flaw only affects accounts using XMPP, such as Jabber and Google Talk. (CVE-2009-1373) A denial of service flaw was found in Pidgin
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 60589
    published: 2012-08-01
    reporter: This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/60589
    title: Scientific Linux Security Update : pidgin on SL3.x, SL4.x, SL5.x i386/x86_64
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-781-1.NASL
    description: It was discovered that Pidgin did not properly handle certain malformed messages when sending a file using the XMPP protocol handler. If a user were tricked into sending a file, a remote attacker could send a specially crafted response and cause Pidgin to crash, or possibly execute arbitrary code with user privileges. (CVE-2009-1373) It was discovered that Pidgin did not properly handle certain malformed messages in the QQ protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash. This issue only affected Ubuntu 8.10 and 9.04. (CVE-2009-1374) It was discovered that Pidgin did not properly handle certain malformed messages in the XMPP and Sametime protocol handlers. A remote attacker could send a specially crafted message and cause Pidgin to crash. (CVE-2009-1375) It was discovered that Pidgin did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges. (CVE-2009-1376). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 39312
    published: 2009-06-04
    reporter: Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/39312
    title: Ubuntu 8.04 LTS / 8.10 / 9.04 : pidgin vulnerabilities (USN-781-1)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2009-5597.NASL
    description: This is a bugfix & security fix release of Pidgin. The full ChangeLog is available at http://developer.pidgin.im/wiki/ChangeLog Details of the security fixes included are available at http://www.pidgin.im/news/security/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 38997
    published: 2009-06-03
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/38997
    title: Fedora 10 : pidgin-2.5.6-1.fc10 (2009-5597)
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-200905-07.NASL
    description: The remote host is affected by the vulnerability described in GLSA-200905-07 (Pidgin: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Pidgin: Veracode reported a boundary error in the
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 38909
    published: 2009-05-26
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/38909
    title: GLSA-200905-07 : Pidgin: Multiple vulnerabilities
  • NASL family: Windows
    NASL id: PIDGIN_2_5_6.NASL
    description: The remote host is running Pidgin earlier than 2.5.6. Such versions are reportedly affected by multiple buffer overflow vulnerabilities : - A buffer overflow is possible when initiating a file transfer to a malicious buddy over XMPP. (CVE-2009-1373) - A buffer overflow issue in the
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 38866
    published: 2009-05-22
    reporter: This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/38866
    title: Pidgin < 2.5.6 Multiple Buffer Overflows
  • NASL family: Slackware Local Security Checks
    NASL id: SLACKWARE_SSA_2009-146-01.NASL
    description: New pidgin packages are available for Slackware 12.0, 12.1, 12.2, and -current to fix security issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 38915
    published: 2009-05-27
    reporter: This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/38915
    title: Slackware 12.0 / 12.1 / 12.2 / current : pidgin (SSA:2009-146-01)
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRIVA_MDVSA-2009-321.NASL
    description: Security vulnerabilities have been identified and fixed in pidgin : The NSS plugin in libpurple in Pidgin 2.4.1 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service. (CVE-2008-3532) Pidgin 2.4.1 allows remote attackers to cause a denial of service (crash) via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msn_slplink_process_msg function. (CVE-2008-2955) The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote attackers to trigger the download of arbitrary files and cause a denial of service (memory or disk consumption) via a UDP packet that specifies an arbitrary URL. (CVE-2008-2957) Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these details are obtained from third-party information (CVE-2009-1373). Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) before 2.5.6 allows remote attackers to cause a denial of service (application crash) via a QQ packet (CVE-2009-1374). The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service (memory corruption and application crash) via vectors involving the (1) XMPP or (2) Sametime protocol (CVE-2009-1375). Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, leading to buffer overflows. NOTE: this issue exists because of an incomplete fix for CVE-2008-2927 (CVE-2009-1376). The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets the ICQWebMessage message type as the ICQSMS message type, which allows remote attackers to cause a denial of service (application crash) via a crafted ICQ web message that triggers allocation of a large amount of memory (CVE-2009-1889). The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by sending multiple crafted SLP (aka MSNSLP) messages to trigger an overwrite of an arbitrary memory location. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1376 (CVE-2009-2694). Unspecified vulnerability in Pidgin 2.6.0 allows remote attackers to cause a denial of service (crash) via a link in a Yahoo IM (CVE-2009-3025). protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the require TLS/SSL preference when connecting to older Jabber servers that do not follow the XMPP specification, which causes libpurple to connect to the server without the expected encryption and allows remote attackers to sniff sessions (CVE-2009-3026). libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string (CVE-2009-2703). The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client (CVE-2009-3083). The msn_slp_process_msg function in libpurple/protocols/msn/slpcall.c in the MSN protocol plugin in libpurple 2.6.0 and 2.6.1, as used in Pidgin before 2.6.2, allows remote attackers to cause a denial of service (application crash) via a handwritten (aka Ink) message, related to an uninitialized variable and the incorrect UTF16-LE charset name (CVE-2009-3084). The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service (application crash) via XHTML-IM content with cid: images (CVE-2009-3085). This update provides pidgin 2.6.2, which is not vulnerable to these issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 43024
    published: 2009-12-07
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/43024
    title: Mandriva Linux Security Advisory : pidgin (MDVSA-2009:321)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_FINCH-6342.NASL
    description: Several bugfixes were done for the Instant Messenger Pidgin : - Malformed responses to file transfers could cause a buffer overflow in pidgin (CVE-2009-1373) and specially crafted packets could crash it. (CVE-2009-1375) - The fix against integer overflows in the msn protocol handling was incomplete. (CVE-2009-1376) - Fixed misparsing ICQ message as SMS DoS (CVE-2009-1889, Pidgin#9483). Also the Yahoo IM protocol was made to work again.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 51723
    published: 2011-01-27
    reporter: This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/51723
    title: SuSE 10 Security Update : pidgin (ZYPP Patch Number 6342)
  • NASL family: Oracle Linux Local Security Checks
    NASL id: ORACLELINUX_ELSA-2009-1218.NASL
    description: From Red Hat Security Advisory 2009:1218 : Updated pidgin packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. Federico Muttis of Core Security Technologies discovered a flaw in Pidgin
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 67912
    published: 2013-07-12
    reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/67912
    title: Oracle Linux 3 / 4 : pidgin (ELSA-2009-1218)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2009-5552.NASL
    description: This is a bugfix & security fix release of Pidgin. The full ChangeLog is available at http://developer.pidgin.im/wiki/ChangeLog Details of the security fixes included are available at http://www.pidgin.im/news/security/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 38995
    published: 2009-06-03
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/38995
    title: Fedora 9 : pidgin-2.5.6-1.fc9 (2009-5552)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_11_FINCH-090709.NASL
    description: Several bugfixes were done for the Instant Messenger Pidgin : - Malformed responses to file transfers could cause a buffer overflow in pidgin (CVE-2009-1373) and specially crafted packets could crash it. (CVE-2009-1375) - The fix against integer overflows in the msn protocol handling was incomplete. (CVE-2009-1376) - Fixed misparsing ICQ message as SMS DoS (CVE-2009-1889, Pidgin#9483). Also the Yahoo IM protocol was made to work again.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 41388
    published: 2009-09-24
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/41388
    title: SuSE 11 Security Update : pidgin (SAT Patch Number 1094)
  • NASL family: Oracle Linux Local Security Checks
    NASL id: ORACLELINUX_ELSA-2009-1060.NASL
    description: From Red Hat Security Advisory 2009:1060 : Updated pidgin packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A buffer overflow flaw was found in the way Pidgin initiates file transfers when using the Extensible Messaging and Presence Protocol (XMPP). If a Pidgin client initiates a file transfer, and the remote target sends a malformed response, it could cause Pidgin to crash or, potentially, execute arbitrary code with the permissions of the user running Pidgin. This flaw only affects accounts using XMPP, such as Jabber and Google Talk. (CVE-2009-1373) A denial of service flaw was found in Pidgin
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 67863
    published: 2013-07-12
    reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/67863
    title: Oracle Linux 4 : pidgin (ELSA-2009-1060)
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRIVA_MDVSA-2009-230.NASL
    description: Security vulnerabilities have been identified and fixed in pidgin : The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by sending multiple crafted SLP (aka MSNSLP) messages to trigger an overwrite of an arbitrary memory location. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1376 (CVE-2009-2694). Unspecified vulnerability in Pidgin 2.6.0 allows remote attackers to cause a denial of service (crash) via a link in a Yahoo IM (CVE-2009-3025). protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the require TLS/SSL preference when connecting to older Jabber servers that do not follow the XMPP specification, which causes libpurple to connect to the server without the expected encryption and allows remote attackers to sniff sessions (CVE-2009-3026). libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string (CVE-2009-2703). The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client (CVE-2009-3083). The msn_slp_process_msg function in libpurple/protocols/msn/slpcall.c in the MSN protocol plugin in libpurple 2.6.0 and 2.6.1, as used in Pidgin before 2.6.2, allows remote attackers to cause a denial of service (application crash) via a handwritten (aka Ink) message, related to an uninitialized variable and the incorrect UTF16-LE charset name (CVE-2009-3084). The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service (application crash) via XHTML-IM content with cid: images (CVE-2009-3085). This update provides pidgin 2.6.2, which is not vulnerable to these issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 40966
    published: 2009-09-14
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/40966
    title: Mandriva Linux Security Advisory : pidgin (MDVSA-2009:230)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2009-147.NASL
    descriptionSecurity vulnerabilities have been identified and fixed in pidgin : Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these details are obtained from third-party information (CVE-2009-1373). Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) before 2.5.6 allows remote attackers to cause a denial of service (application crash) via a QQ packet (CVE-2009-1374). The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service (memory corruption and application crash) via vectors involving the (1) XMPP or (2) Sametime protocol (CVE-2009-1375). Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, leading to buffer overflows. NOTE: this issue exists because of an incomplete fix for CVE-2008-2927 (CVE-2009-1376). This update provides pidgin 2.5.8, which is not vulnerable to these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id39582
    published2009-07-01
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/39582
    titleMandriva Linux Security Advisory : pidgin (MDVSA-2009:147)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2009-1059.NASL
    descriptionFrom Red Hat Security Advisory 2009:1059 : An updated pidgin package that fixes two security issues is now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A buffer overflow flaw was found in the way Pidgin initiates file transfers when using the Extensible Messaging and Presence Protocol (XMPP). If a Pidgin client initiates a file transfer, and the remote target sends a malformed response, it could cause Pidgin to crash or, potentially, execute arbitrary code with the permissions of the user running Pidgin. This flaw only affects accounts using XMPP, such as Jabber and Google Talk. (CVE-2009-1373) It was discovered that on 32-bit platforms, the Red Hat Security Advisory RHSA-2008:0584 provided an incomplete fix for the integer overflow flaw affecting Pidgin
    last seen2020-06-01
    modified2020-06-02
    plugin id67862
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67862
    titleOracle Linux 3 : pidgin (ELSA-2009-1059)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2009-1218.NASL
    descriptionUpdated pidgin packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. Federico Muttis of Core Security Technologies discovered a flaw in Pidgin
    last seen2020-06-01
    modified2020-06-02
    plugin id40625
    published2009-08-20
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/40625
    titleCentOS 3 / 5 : pidgin (CESA-2009:1218)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_FINCH-090708.NASL
    descriptionSeveral bugfixes were done for the Instant Messenger Pidgin : - Malformed responses to file transfers could cause a buffer overflow in pidgin (CVE-2009-1373) and specially crafted packets could crash it (CVE-2009-1375). - The fix against integer overflows in the msn protocol handling was incomplete (CVE-2009-1376). - Fixed misparsing ICQ message as SMS DoS (CVE-2009-1889, Pidgin#9483). Also the Yahoo IM protocol was made to work again.
    last seen2020-06-01
    modified2020-06-02
    plugin id40338
    published2009-07-22
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/40338
    titleopenSUSE Security Update : finch (finch-1088)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_FINCH-6351.NASL
    descriptionSeveral bugfixes were done for the Instant Messenger Pidgin : - Malformed responses to file transfers could cause a buffer overflow in pidgin (CVE-2009-1373) and specially crafted packets could crash it (CVE-2009-1375). - The fix against integer overflows in the msn protocol handling was incomplete (CVE-2009-1376). - Fixed misparsing ICQ message as SMS DoS (CVE-2009-1889, Pidgin#9483). Also the Yahoo IM protocol was made to work again.
    last seen2020-06-01
    modified2020-06-02
    plugin id41999
    published2009-10-06
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/41999
    titleopenSUSE 10 Security Update : finch (finch-6351)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2009-1060.NASL
    descriptionUpdated pidgin packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A buffer overflow flaw was found in the way Pidgin initiates file transfers when using the Extensible Messaging and Presence Protocol (XMPP). If a Pidgin client initiates a file transfer, and the remote target sends a malformed response, it could cause Pidgin to crash or, potentially, execute arbitrary code with the permissions of the user running Pidgin. This flaw only affects accounts using XMPP, such as Jabber and Google Talk. (CVE-2009-1373) A denial of service flaw was found in Pidgin
    last seen2020-06-01
    modified2020-06-02
    plugin id38872
    published2009-05-23
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/38872
    titleRHEL 4 / 5 : pidgin (RHSA-2009:1060)

Oval

  • accepted2013-04-29T04:05:59.233-04:00
    classvulnerability
    contributors
    • nameAharon Chernin
      organizationSCAP.com, LLC
    • nameDragos Prisaca
      organizationG2, Inc.
    definition_extensions
    • commentThe operating system installed on the system is Red Hat Enterprise Linux 3
      ovaloval:org.mitre.oval:def:11782
    • commentCentOS Linux 3.x
      ovaloval:org.mitre.oval:def:16651
    • commentThe operating system installed on the system is Red Hat Enterprise Linux 4
      ovaloval:org.mitre.oval:def:11831
    • commentCentOS Linux 4.x
      ovaloval:org.mitre.oval:def:16636
    • commentOracle Linux 4.x
      ovaloval:org.mitre.oval:def:15990
    • commentThe operating system installed on the system is Red Hat Enterprise Linux 5
      ovaloval:org.mitre.oval:def:11414
    • commentThe operating system installed on the system is CentOS Linux 5.x
      ovaloval:org.mitre.oval:def:15802
    • commentOracle Linux 5.x
      ovaloval:org.mitre.oval:def:15459
    descriptionMultiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, leading to buffer overflows. NOTE: this issue exists because of an incomplete fix for CVE-2008-2927.
    familyunix
    idoval:org.mitre.oval:def:10476
    statusaccepted
    submitted2010-07-09T03:56:16-04:00
    titleMultiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, leading to buffer overflows. NOTE: this issue exists because of an incomplete fix for CVE-2008-2927.
    version27
  • accepted2013-09-30T04:01:14.217-04:00
    classvulnerability
    contributors
    nameShane Shaffer
    organizationG2, Inc.
    definition_extensions
    commentPidgin is installed
    ovaloval:org.mitre.oval:def:12366
    descriptionMultiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, leading to buffer overflows. NOTE: this issue exists because of an incomplete fix for CVE-2008-2927.
    familywindows
    idoval:org.mitre.oval:def:18432
    statusaccepted
    submitted2013-08-16T15:36:10.221-04:00
    titleMultiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, leading to buffer overflows. NOTE: this issue exists because of an incomplete fix for CVE-2008-2927
    version4

Redhat

advisories
  • bugzilla
    id500493
    titleCVE-2009-1376 pidgin incomplete fix for CVE-2008-2927
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 4 is installed
        ovaloval:com.redhat.rhba:tst:20070304025
      • OR
        • AND
          • commentlibpurple-tcl is earlier than 0:2.5.5-2.el4
            ovaloval:com.redhat.rhsa:tst:20091060001
          • commentlibpurple-tcl is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20081023014
        • AND
          • commentlibpurple-perl is earlier than 0:2.5.5-2.el4
            ovaloval:com.redhat.rhsa:tst:20091060003
          • commentlibpurple-perl is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20081023016
        • AND
          • commentfinch is earlier than 0:2.5.5-2.el4
            ovaloval:com.redhat.rhsa:tst:20091060005
          • commentfinch is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20081023018
        • AND
          • commentlibpurple-devel is earlier than 0:2.5.5-2.el4
            ovaloval:com.redhat.rhsa:tst:20091060007
          • commentlibpurple-devel is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20081023004
        • AND
          • commentpidgin is earlier than 0:2.5.5-2.el4
            ovaloval:com.redhat.rhsa:tst:20091060009
          • commentpidgin is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20080584002
        • AND
          • commentlibpurple is earlier than 0:2.5.5-2.el4
            ovaloval:com.redhat.rhsa:tst:20091060011
          • commentlibpurple is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20081023012
        • AND
          • commentfinch-devel is earlier than 0:2.5.5-2.el4
            ovaloval:com.redhat.rhsa:tst:20091060013
          • commentfinch-devel is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20081023010
        • AND
          • commentpidgin-devel is earlier than 0:2.5.5-2.el4
            ovaloval:com.redhat.rhsa:tst:20091060015
          • commentpidgin-devel is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20081023006
        • AND
          • commentpidgin-perl is earlier than 0:2.5.5-2.el4
            ovaloval:com.redhat.rhsa:tst:20091060017
          • commentpidgin-perl is signed with Red Hat master key
            ovaloval:com.redhat.rhsa:tst:20081023002
    • AND
      • commentRed Hat Enterprise Linux 5 is installed
        ovaloval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • commentfinch is earlier than 0:2.5.5-3.el5
            ovaloval:com.redhat.rhsa:tst:20091060020
          • commentfinch is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20080584005
        • AND
          • commentlibpurple-perl is earlier than 0:2.5.5-3.el5
            ovaloval:com.redhat.rhsa:tst:20091060022
          • commentlibpurple-perl is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20080584015
        • AND
          • commentlibpurple is earlier than 0:2.5.5-3.el5
            ovaloval:com.redhat.rhsa:tst:20091060024
          • commentlibpurple is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20080584007
        • AND
          • commentpidgin is earlier than 0:2.5.5-3.el5
            ovaloval:com.redhat.rhsa:tst:20091060026
          • commentpidgin is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20080584011
        • AND
          • commentlibpurple-tcl is earlier than 0:2.5.5-3.el5
            ovaloval:com.redhat.rhsa:tst:20091060028
          • commentlibpurple-tcl is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20080584013
        • AND
          • commentpidgin-perl is earlier than 0:2.5.5-3.el5
            ovaloval:com.redhat.rhsa:tst:20091060030
          • commentpidgin-perl is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20080584017
        • AND
          • commentpidgin-devel is earlier than 0:2.5.5-3.el5
            ovaloval:com.redhat.rhsa:tst:20091060032
          • commentpidgin-devel is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20080584019
        • AND
          • commentlibpurple-devel is earlier than 0:2.5.5-3.el5
            ovaloval:com.redhat.rhsa:tst:20091060034
          • commentlibpurple-devel is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20080584021
        • AND
          • commentfinch-devel is earlier than 0:2.5.5-3.el5
            ovaloval:com.redhat.rhsa:tst:20091060036
          • commentfinch-devel is signed with Red Hat redhatrelease key
            ovaloval:com.redhat.rhsa:tst:20080584009
    rhsa
    idRHSA-2009:1060
    released2009-05-22
    severityImportant
    titleRHSA-2009:1060: pidgin security update (Important)
  • rhsa
    idRHSA-2009:1059
rpms
  • pidgin-0:1.5.1-3.el3
  • pidgin-debuginfo-0:1.5.1-3.el3
  • finch-0:2.5.5-2.el4
  • finch-0:2.5.5-3.el5
  • finch-devel-0:2.5.5-2.el4
  • finch-devel-0:2.5.5-3.el5
  • libpurple-0:2.5.5-2.el4
  • libpurple-0:2.5.5-3.el5
  • libpurple-devel-0:2.5.5-2.el4
  • libpurple-devel-0:2.5.5-3.el5
  • libpurple-perl-0:2.5.5-2.el4
  • libpurple-perl-0:2.5.5-3.el5
  • libpurple-tcl-0:2.5.5-2.el4
  • libpurple-tcl-0:2.5.5-3.el5
  • pidgin-0:2.5.5-2.el4
  • pidgin-0:2.5.5-3.el5
  • pidgin-debuginfo-0:2.5.5-2.el4
  • pidgin-debuginfo-0:2.5.5-3.el5
  • pidgin-devel-0:2.5.5-2.el4
  • pidgin-devel-0:2.5.5-3.el5
  • pidgin-perl-0:2.5.5-2.el4
  • pidgin-perl-0:2.5.5-3.el5

Seebug

bulletinFamilyexploit
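descriptionBUGTRAQ ID: 35067 CVE(CAN) ID: CVE-2009-1376,CVE-2009-1375,CVE-2009-1374,CVE-2009-1373 Pidgin is an instant messaging client that supports multiple protocols. Pidgin has multiple buffer overflow vulnerabilities in its handling of various instant messages, which may lead to denial of service or complete compromise of the user's system. 1) A truncation error when processing MSN SLP messages may lead to a buffer overflow. 2) The XMPP SOCKS5 bytestream server has a buffer overflow when initiating an outbound file transfer. 3) A boundary condition error exists in the implementation of the PurpleCircBuffer structure; specially crafted XMPP or Sametime packets may cause memory corruption and a crash. 4) Specially crafted QQ packets may cause an 8-byte stack overflow in the decrypt_out() function. Pidgin < 2.5.6 Vendor patch: RedHat ------ RedHat has released a security advisory (RHSA-2009:1060-02) and corresponding patches for this issue: RHSA-2009:1060-02:Important: pidgin security update Link: https://www.redhat.com/support/errata/RHSA-2009-1060.html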
idSSV:11415
last seen2017-11-19
modified2009-05-25
published2009-05-25
reporterRoot
titlePidgin Multiple Buffer Overflow Vulnerabilities