Vulnerabilities > CVE-2013-6477 - Numeric Errors vulnerability in Pidgin

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
pidgin
CWE-189
nessus

Summary

Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service (application crash) via a crafted timestamp value in an XMPP message.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_FINCH-140508.NASL
    descriptionThe pidgin Instant Messenger has been updated to fix various security issues : - Remotely triggerable crash in IRC argument parsing. (CVE-2014-0020) - Buffer overflow in SIMPLE header parsing. (CVE-2013-6490) - Buffer overflow in MXit emoticon parsing. (CVE-2013-6489) - Buffer overflow in Gadu-Gadu HTTP parsing. (CVE-2013-6487) - Pidgin uses clickable links to untrusted executables. (CVE-2013-6486) - Buffer overflow parsing chunked HTTP responses. (CVE-2013-6485) - Crash reading response from STUN server. (CVE-2013-6484) - XMPP doesn
    last seen2020-06-05
    modified2014-05-24
    plugin id74173
    published2014-05-24
    reporterThis script is Copyright (C) 2014-2020 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/74173
    titleSuSE 11.3 Security Update : finch (SAT Patch Number 9213)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from SuSE 11 update information. The text itself is
    # copyright (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(74173);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04");
    
      script_cve_id("CVE-2012-6152", "CVE-2013-6477", "CVE-2013-6478", "CVE-2013-6479", "CVE-2013-6481", "CVE-2013-6482", "CVE-2013-6483", "CVE-2013-6484", "CVE-2013-6485", "CVE-2013-6486", "CVE-2013-6487", "CVE-2013-6489", "CVE-2013-6490", "CVE-2014-0020");
    
      script_name(english:"SuSE 11.3 Security Update : finch (SAT Patch Number 9213)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 11 host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The pidgin Instant Messenger has been updated to fix various security
    issues :
    
      - Remotely triggerable crash in IRC argument parsing.
        (CVE-2014-0020)
    
      - Buffer overflow in SIMPLE header parsing.
        (CVE-2013-6490)
    
      - Buffer overflow in MXit emoticon parsing.
        (CVE-2013-6489)
    
      - Buffer overflow in Gadu-Gadu HTTP parsing.
        (CVE-2013-6487)
    
      - Pidgin uses clickable links to untrusted executables.
        (CVE-2013-6486)
    
      - Buffer overflow parsing chunked HTTP responses.
        (CVE-2013-6485)
    
      - Crash reading response from STUN server. (CVE-2013-6484)
    
      - XMPP doesn't verify 'from' on some iq replies.
        (CVE-2013-6483)
    
      - NULL pointer dereference parsing SOAP data in MSN.
        (CVE-2013-6482)
    
      - NULL pointer dereference parsing OIM data in MSN.
        (CVE-2013-6482)
    
      - NULL pointer dereference parsing headers in MSN.
        (CVE-2013-6482)
    
      - Remote crash reading Yahoo! P2P message. (CVE-2013-6481)
    
      - Remote crash parsing HTTP responses. (CVE-2013-6479)
    
      - Crash when hovering pointer over a long URL.
        (CVE-2013-6478)
    
      - Crash handling bad XMPP timestamp. (CVE-2013-6477)
    
      - Yahoo! remote crash from incorrect character encoding.
        (CVE-2012-6152)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=861019"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2012-6152.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2013-6477.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2013-6478.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2013-6479.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2013-6481.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2013-6482.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2013-6483.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2013-6484.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2013-6485.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2013-6486.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2013-6487.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2013-6489.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2013-6490.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2014-0020.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply SAT patch number 9213.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:finch");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libpurple");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libpurple-lang");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libpurple-meanwhile");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:libpurple-tcl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:pidgin");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2014/05/08");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/05/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2020 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
    
    pl = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, "SuSE 11.3");
    
    
    flag = 0;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"finch-2.6.6-0.23.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"libpurple-2.6.6-0.23.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"libpurple-lang-2.6.6-0.23.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"libpurple-meanwhile-2.6.6-0.23.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"libpurple-tcl-2.6.6-0.23.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"i586", reference:"pidgin-2.6.6-0.23.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"finch-2.6.6-0.23.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"libpurple-2.6.6-0.23.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"libpurple-lang-2.6.6-0.23.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"libpurple-meanwhile-2.6.6-0.23.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"libpurple-tcl-2.6.6-0.23.1")) flag++;
    if (rpm_check(release:"SLED11", sp:3, cpu:"x86_64", reference:"pidgin-2.6.6-0.23.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familySolaris Local Security Checks
    NASL idSOLARIS11_PIDGIN_20140731.NASL
    descriptionThe remote Solaris system is missing necessary patches to address security updates : - The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does not properly validate UTF-8 data, which allows remote attackers to cause a denial of service (application crash) via crafted byte sequences. (CVE-2012-6152) - The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted (1) mxit or (2) mxit/imagestrips pathname. (CVE-2013-0271) - Buffer overflow in http.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.7 allows remote servers to execute arbitrary code via a long HTTP header. (CVE-2013-0272) - sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service (application crash) via a crafted packet. (CVE-2013-0273) - upnp.c in libpurple in Pidgin before 2.10.7 does not properly terminate long strings in UPnP responses, which allows remote attackers to cause a denial of service (application crash) by leveraging access to the local network. (CVE-2013-0274) - Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service (application crash) via a crafted timestamp value in an XMPP message. (CVE-2013-6477) - gtkimhtml.c in Pidgin before 2.10.8 does not properly interact with underlying library support for wide Pango layouts, which allows user-assisted remote attackers to cause a denial of service (application crash) via a long URL that is examined with a tooltip. (CVE-2013-6478) - util.c in libpurple in Pidgin before 2.10.8 does not properly allocate memory for HTTP responses that are inconsistent with the Content-Length header, which allows remote HTTP servers to cause a denial of service (application crash) via a crafted response. (CVE-2013-6479) - libpurple/protocols/yahoo/libymsg.c in Pidgin before 2.10.8 allows remote attackers to cause a denial of service (crash) via a Yahoo! P2P message with a crafted length field, which triggers a buffer over-read. (CVE-2013-6481) - Pidgin before 2.10.8 allows remote MSN servers to cause a denial of service (NULL pointer dereference and crash) via a crafted (1) SOAP response, (2) OIM XML response, or (3) Content-Length header. (CVE-2013-6482) - The XMPP protocol plugin in libpurple in Pidgin before 2.10.8 does not properly determine whether the from address in an iq reply is consistent with the to address in an iq request, which allows remote attackers to spoof iq traffic or cause a denial of service (NULL pointer dereference and application crash) via a crafted reply. (CVE-2013-6483) - The STUN protocol implementation in libpurple in Pidgin before 2.10.8 allows remote STUN servers to cause a denial of service (out-of-bounds write operation and application crash) by triggering a socket read error. (CVE-2013-6484) - Buffer overflow in util.c in libpurple in Pidgin before 2.10.8 allows remote HTTP servers to cause a denial of service (application crash) or possibly have unspecified other impact via an invalid chunk-size field in chunked transfer-coding data. (CVE-2013-6485) - gtkutils.c in Pidgin before 2.10.8 on Windows allows user-assisted remote attackers to execute arbitrary programs via a message containing a file: URL that is improperly handled during construction of an explorer.exe command. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3185. (CVE-2013-6486) - Integer overflow in libpurple/protocols/gg/lib/http.c in the Gadu-Gadu (gg) parser in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a large Content-Length value, which triggers a buffer overflow. (CVE-2013-6487) - Integer signedness error in the MXit functionality in Pidgin before 2.10.8 allows remote attackers to cause a denial of service (segmentation fault) via a crafted emoticon value, which triggers an integer overflow and a buffer overflow. (CVE-2013-6489) - The SIMPLE protocol functionality in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a negative Content-Length header, which triggers a buffer overflow. (CVE-2013-6490) - The IRC protocol plugin in libpurple in Pidgin before 2.10.8 does not validate argument counts, which allows remote IRC servers to cause a denial of service (application crash) via a crafted message. (CVE-2014-0020)
    last seen2020-06-01
    modified2020-06-02
    plugin id80740
    published2015-01-19
    reporterThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80740
    titleOracle Solaris Third-Party Patch Update : pidgin (multiple_vulnerabilities_in_pidgin2)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from the Oracle Third Party software advisories.
    #
    include("compat.inc");
    
    if (description)
    {
      script_id(80740);
      script_version("1.2");
      script_cvs_date("Date: 2018/11/15 20:50:25");
    
      script_cve_id("CVE-2012-6152", "CVE-2013-0271", "CVE-2013-0272", "CVE-2013-0273", "CVE-2013-0274", "CVE-2013-6477", "CVE-2013-6478", "CVE-2013-6479", "CVE-2013-6481", "CVE-2013-6482", "CVE-2013-6483", "CVE-2013-6484", "CVE-2013-6485", "CVE-2013-6486", "CVE-2013-6487", "CVE-2013-6489", "CVE-2013-6490", "CVE-2014-0020");
    
      script_name(english:"Oracle Solaris Third-Party Patch Update : pidgin (multiple_vulnerabilities_in_pidgin2)");
      script_summary(english:"Check for the 'entire' version.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Solaris system is missing a security patch for third-party
    software."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote Solaris system is missing necessary patches to address
    security updates :
    
      - The Yahoo! protocol plugin in libpurple in Pidgin before
        2.10.8 does not properly validate UTF-8 data, which
        allows remote attackers to cause a denial of service
        (application crash) via crafted byte sequences.
        (CVE-2012-6152)
    
      - The MXit protocol plugin in libpurple in Pidgin before
        2.10.7 might allow remote attackers to create or
        overwrite files via a crafted (1) mxit or (2)
        mxit/imagestrips pathname. (CVE-2013-0271)
    
      - Buffer overflow in http.c in the MXit protocol plugin in
        libpurple in Pidgin before 2.10.7 allows remote servers
        to execute arbitrary code via a long HTTP header.
        (CVE-2013-0272)
    
      - sametime.c in the Sametime protocol plugin in libpurple
        in Pidgin before 2.10.7 does not properly terminate long
        user IDs, which allows remote servers to cause a denial
        of service (application crash) via a crafted packet.
        (CVE-2013-0273)
    
      - upnp.c in libpurple in Pidgin before 2.10.7 does not
        properly terminate long strings in UPnP responses, which
        allows remote attackers to cause a denial of service
        (application crash) by leveraging access to the local
        network. (CVE-2013-0274)
    
      - Multiple integer signedness errors in libpurple in
        Pidgin before 2.10.8 allow remote attackers to cause a
        denial of service (application crash) via a crafted
        timestamp value in an XMPP message. (CVE-2013-6477)
    
      - gtkimhtml.c in Pidgin before 2.10.8 does not properly
        interact with underlying library support for wide Pango
        layouts, which allows user-assisted remote attackers to
        cause a denial of service (application crash) via a long
        URL that is examined with a tooltip. (CVE-2013-6478)
    
      - util.c in libpurple in Pidgin before 2.10.8 does not
        properly allocate memory for HTTP responses that are
        inconsistent with the Content-Length header, which
        allows remote HTTP servers to cause a denial of service
        (application crash) via a crafted response.
        (CVE-2013-6479)
    
      - libpurple/protocols/yahoo/libymsg.c in Pidgin before
        2.10.8 allows remote attackers to cause a denial of
        service (crash) via a Yahoo! P2P message with a crafted
        length field, which triggers a buffer over-read.
        (CVE-2013-6481)
    
      - Pidgin before 2.10.8 allows remote MSN servers to cause
        a denial of service (NULL pointer dereference and crash)
        via a crafted (1) SOAP response, (2) OIM XML response,
        or (3) Content-Length header. (CVE-2013-6482)
    
      - The XMPP protocol plugin in libpurple in Pidgin before
        2.10.8 does not properly determine whether the from
        address in an iq reply is consistent with the to address
        in an iq request, which allows remote attackers to spoof
        iq traffic or cause a denial of service (NULL pointer
        dereference and application crash) via a crafted reply.
        (CVE-2013-6483)
    
      - The STUN protocol implementation in libpurple in Pidgin
        before 2.10.8 allows remote STUN servers to cause a
        denial of service (out-of-bounds write operation and
        application crash) by triggering a socket read error.
        (CVE-2013-6484)
    
      - Buffer overflow in util.c in libpurple in Pidgin before
        2.10.8 allows remote HTTP servers to cause a denial of
        service (application crash) or possibly have unspecified
        other impact via an invalid chunk-size field in chunked
        transfer-coding data. (CVE-2013-6485)
    
      - gtkutils.c in Pidgin before 2.10.8 on Windows allows
        user-assisted remote attackers to execute arbitrary
        programs via a message containing a file: URL that is
        improperly handled during construction of an
        explorer.exe command. NOTE: this vulnerability exists
        because of an incomplete fix for CVE-2011-3185.
        (CVE-2013-6486)
    
      - Integer overflow in libpurple/protocols/gg/lib/http.c in
        the Gadu-Gadu (gg) parser in Pidgin before 2.10.8 allows
        remote attackers to have an unspecified impact via a
        large Content-Length value, which triggers a buffer
        overflow. (CVE-2013-6487)
    
      - Integer signedness error in the MXit functionality in
        Pidgin before 2.10.8 allows remote attackers to cause a
        denial of service (segmentation fault) via a crafted
        emoticon value, which triggers an integer overflow and a
        buffer overflow. (CVE-2013-6489)
    
      - The SIMPLE protocol functionality in Pidgin before
        2.10.8 allows remote attackers to have an unspecified
        impact via a negative Content-Length header, which
        triggers a buffer overflow. (CVE-2013-6490)
    
      - The IRC protocol plugin in libpurple in Pidgin before
        2.10.8 does not validate argument counts, which allows
        remote IRC servers to cause a denial of service
        (application crash) via a crafted message.
        (CVE-2014-0020)"
      );
      # https://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?4a913f44"
      );
      # https://blogs.oracle.com/sunsecurity/multiple-vulnerabilities-in-pidgin
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?07a786a5"
      );
      script_set_attribute(attribute:"solution", value:"Upgrade to Solaris 11.2.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:solaris:11.2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:solaris:pidgin");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2014/07/31");
      script_set_attribute(attribute:"plugin_publication_date", value:"2015/01/19");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.");
      script_family(english:"Solaris Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Solaris11/release", "Host/Solaris11/pkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("solaris.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Solaris11/release");
    if (isnull(release)) audit(AUDIT_OS_NOT, "Solaris11");
    pkg_list = solaris_pkg_list_leaves();
    if (isnull (pkg_list)) audit(AUDIT_PACKAGE_LIST_MISSING, "Solaris pkg-list packages");
    
    if (empty_or_null(egrep(string:pkg_list, pattern:"^pidgin$"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, "pidgin");
    
    flag = 0;
    
    if (solaris_check_release(release:"0.5.11-0.175.2.0.0.0.0", sru:"11.2 SRU 0") > 0) flag++;
    
    if (flag)
    {
      error_extra = 'Affected package : pidgin\n' + solaris_get_report2();
      error_extra = ereg_replace(pattern:"version", replace:"OS version", string:error_extra);
      if (report_verbosity > 0) security_hole(port:0, extra:error_extra);
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_PACKAGE_NOT_AFFECTED, "pidgin");
    
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2014-0139.NASL
    descriptionUpdated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A heap-based buffer overflow flaw was found in the way Pidgin processed certain HTTP responses. A malicious server could send a specially crafted HTTP response, causing Pidgin to crash or potentially execute arbitrary code with the permissions of the user running Pidgin. (CVE-2013-6485) Multiple heap-based buffer overflow flaws were found in several protocol plug-ins in Pidgin (Gadu-Gadu, MXit, SIMPLE). A malicious server could send a specially crafted message, causing Pidgin to crash or potentially execute arbitrary code with the permissions of the user running Pidgin. (CVE-2013-6487, CVE-2013-6489, CVE-2013-6490) Multiple denial of service flaws were found in several protocol plug-ins in Pidgin (Yahoo!, XMPP, MSN, stun, IRC). A remote attacker could use these flaws to crash Pidgin by sending a specially crafted message. (CVE-2012-6152, CVE-2013-6477, CVE-2013-6481, CVE-2013-6482, CVE-2013-6484, CVE-2014-0020) It was found that the Pidgin XMPP protocol plug-in did not verify the origin of
    last seen2020-06-01
    modified2020-06-02
    plugin id72352
    published2014-02-06
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/72352
    titleCentOS 5 / 6 : pidgin (CESA-2014:0139)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2014:0139 and 
    # CentOS Errata and Security Advisory 2014:0139 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(72352);
      script_version("1.11");
      script_cvs_date("Date: 2020/01/06");
    
      script_cve_id("CVE-2012-6152", "CVE-2013-6477", "CVE-2013-6478", "CVE-2013-6479", "CVE-2013-6481", "CVE-2013-6482", "CVE-2013-6483", "CVE-2013-6484", "CVE-2013-6485", "CVE-2013-6487", "CVE-2013-6489", "CVE-2013-6490", "CVE-2014-0020");
      script_bugtraq_id(65188, 65192, 65195, 65243, 65492);
      script_xref(name:"RHSA", value:"2014:0139");
    
      script_name(english:"CentOS 5 / 6 : pidgin (CESA-2014:0139)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated pidgin packages that fix multiple security issues are now
    available for Red Hat Enterprise Linux 5 and 6.
    
    The Red Hat Security Response Team has rated this update as having
    moderate security impact. Common Vulnerability Scoring System (CVSS)
    base scores, which give detailed severity ratings, are available for
    each vulnerability from the CVE links in the References section.
    
    Pidgin is an instant messaging program which can log in to multiple
    accounts on multiple instant messaging networks simultaneously.
    
    A heap-based buffer overflow flaw was found in the way Pidgin
    processed certain HTTP responses. A malicious server could send a
    specially crafted HTTP response, causing Pidgin to crash or
    potentially execute arbitrary code with the permissions of the user
    running Pidgin. (CVE-2013-6485)
    
    Multiple heap-based buffer overflow flaws were found in several
    protocol plug-ins in Pidgin (Gadu-Gadu, MXit, SIMPLE). A malicious
    server could send a specially crafted message, causing Pidgin to crash
    or potentially execute arbitrary code with the permissions of the user
    running Pidgin. (CVE-2013-6487, CVE-2013-6489, CVE-2013-6490)
    
    Multiple denial of service flaws were found in several protocol
    plug-ins in Pidgin (Yahoo!, XMPP, MSN, stun, IRC). A remote attacker
    could use these flaws to crash Pidgin by sending a specially crafted
    message. (CVE-2012-6152, CVE-2013-6477, CVE-2013-6481, CVE-2013-6482,
    CVE-2013-6484, CVE-2014-0020)
    
    It was found that the Pidgin XMPP protocol plug-in did not verify the
    origin of 'iq' replies. A remote attacker could use this flaw to spoof
    an 'iq' reply, which could lead to injection of fake data or cause
    Pidgin to crash via a NULL pointer dereference. (CVE-2013-6483)
    
    A flaw was found in the way Pidgin parsed certain HTTP response
    headers. A remote attacker could use this flaw to crash Pidgin via a
    specially crafted HTTP response header. (CVE-2013-6479)
    
    It was found that Pidgin crashed when a mouse pointer was hovered over
    a long URL. A remote attacker could use this flaw to crash Pidgin by
    sending a message containing a long URL string. (CVE-2013-6478)
    
    Red Hat would like to thank the Pidgin project for reporting these
    issues. Upstream acknowledges Thijs Alkemade, Robert Vehse, Jaime
    Breva Ribes, Jacob Appelbaum of the Tor Project, Daniel Atallah,
    Fabian Yamaguchi and Christian Wressnegger of the University of
    Goettingen, Matt Jones of Volvent, and Yves Younan, Ryan Pentney, and
    Pawel Janic of Sourcefire VRT as the original reporters of these
    issues.
    
    All pidgin users are advised to upgrade to these updated packages,
    which contain backported patches to correct these issues. Pidgin must
    be restarted for this update to take effect."
      );
      # https://lists.centos.org/pipermail/centos-announce/2014-February/020141.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?1ef12403"
      );
      # https://lists.centos.org/pipermail/centos-announce/2014-February/020142.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?6a6dc642"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected pidgin packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-6490");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:finch");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:finch-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libpurple");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libpurple-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libpurple-perl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:libpurple-tcl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:pidgin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:pidgin-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:pidgin-docs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:pidgin-perl");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:6");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2014/02/06");
      script_set_attribute(attribute:"patch_publication_date", value:"2014/02/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/02/06");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 5.x / 6.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-5", reference:"finch-2.6.6-32.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"finch-devel-2.6.6-32.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"libpurple-2.6.6-32.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"libpurple-devel-2.6.6-32.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"libpurple-perl-2.6.6-32.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"libpurple-tcl-2.6.6-32.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"pidgin-2.6.6-32.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"pidgin-devel-2.6.6-32.el5")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"pidgin-perl-2.6.6-32.el5")) flag++;
    
    if (rpm_check(release:"CentOS-6", reference:"finch-2.7.9-27.el6")) flag++;
    if (rpm_check(release:"CentOS-6", reference:"finch-devel-2.7.9-27.el6")) flag++;
    if (rpm_check(release:"CentOS-6", reference:"libpurple-2.7.9-27.el6")) flag++;
    if (rpm_check(release:"CentOS-6", reference:"libpurple-devel-2.7.9-27.el6")) flag++;
    if (rpm_check(release:"CentOS-6", reference:"libpurple-perl-2.7.9-27.el6")) flag++;
    if (rpm_check(release:"CentOS-6", reference:"libpurple-tcl-2.7.9-27.el6")) flag++;
    if (rpm_check(release:"CentOS-6", reference:"pidgin-2.7.9-27.el6")) flag++;
    if (rpm_check(release:"CentOS-6", reference:"pidgin-devel-2.7.9-27.el6")) flag++;
    if (rpm_check(release:"CentOS-6", reference:"pidgin-docs-2.7.9-27.el6")) flag++;
    if (rpm_check(release:"CentOS-6", reference:"pidgin-perl-2.7.9-27.el6")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "finch / finch-devel / libpurple / libpurple-devel / libpurple-perl / etc");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2014-0139.NASL
    descriptionUpdated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A heap-based buffer overflow flaw was found in the way Pidgin processed certain HTTP responses. A malicious server could send a specially crafted HTTP response, causing Pidgin to crash or potentially execute arbitrary code with the permissions of the user running Pidgin. (CVE-2013-6485) Multiple heap-based buffer overflow flaws were found in several protocol plug-ins in Pidgin (Gadu-Gadu, MXit, SIMPLE). A malicious server could send a specially crafted message, causing Pidgin to crash or potentially execute arbitrary code with the permissions of the user running Pidgin. (CVE-2013-6487, CVE-2013-6489, CVE-2013-6490) Multiple denial of service flaws were found in several protocol plug-ins in Pidgin (Yahoo!, XMPP, MSN, stun, IRC). A remote attacker could use these flaws to crash Pidgin by sending a specially crafted message. (CVE-2012-6152, CVE-2013-6477, CVE-2013-6481, CVE-2013-6482, CVE-2013-6484, CVE-2014-0020) It was found that the Pidgin XMPP protocol plug-in did not verify the origin of
    last seen2020-06-01
    modified2020-06-02
    plugin id72364
    published2014-02-06
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/72364
    titleRHEL 5 / 6 : pidgin (RHSA-2014:0139)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2014:0139. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(72364);
      script_version("1.14");
      script_cvs_date("Date: 2019/10/24 15:35:38");
    
      script_cve_id("CVE-2012-6152", "CVE-2013-6477", "CVE-2013-6478", "CVE-2013-6479", "CVE-2013-6481", "CVE-2013-6482", "CVE-2013-6483", "CVE-2013-6484", "CVE-2013-6485", "CVE-2013-6487", "CVE-2013-6489", "CVE-2013-6490", "CVE-2014-0020");
      script_bugtraq_id(65188, 65192, 65195, 65243);
      script_xref(name:"RHSA", value:"2014:0139");
    
      script_name(english:"RHEL 5 / 6 : pidgin (RHSA-2014:0139)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated pidgin packages that fix multiple security issues are now
    available for Red Hat Enterprise Linux 5 and 6.
    
    The Red Hat Security Response Team has rated this update as having
    moderate security impact. Common Vulnerability Scoring System (CVSS)
    base scores, which give detailed severity ratings, are available for
    each vulnerability from the CVE links in the References section.
    
    Pidgin is an instant messaging program which can log in to multiple
    accounts on multiple instant messaging networks simultaneously.
    
    A heap-based buffer overflow flaw was found in the way Pidgin
    processed certain HTTP responses. A malicious server could send a
    specially crafted HTTP response, causing Pidgin to crash or
    potentially execute arbitrary code with the permissions of the user
    running Pidgin. (CVE-2013-6485)
    
    Multiple heap-based buffer overflow flaws were found in several
    protocol plug-ins in Pidgin (Gadu-Gadu, MXit, SIMPLE). A malicious
    server could send a specially crafted message, causing Pidgin to crash
    or potentially execute arbitrary code with the permissions of the user
    running Pidgin. (CVE-2013-6487, CVE-2013-6489, CVE-2013-6490)
    
    Multiple denial of service flaws were found in several protocol
    plug-ins in Pidgin (Yahoo!, XMPP, MSN, stun, IRC). A remote attacker
    could use these flaws to crash Pidgin by sending a specially crafted
    message. (CVE-2012-6152, CVE-2013-6477, CVE-2013-6481, CVE-2013-6482,
    CVE-2013-6484, CVE-2014-0020)
    
    It was found that the Pidgin XMPP protocol plug-in did not verify the
    origin of 'iq' replies. A remote attacker could use this flaw to spoof
    an 'iq' reply, which could lead to injection of fake data or cause
    Pidgin to crash via a NULL pointer dereference. (CVE-2013-6483)
    
    A flaw was found in the way Pidgin parsed certain HTTP response
    headers. A remote attacker could use this flaw to crash Pidgin via a
    specially crafted HTTP response header. (CVE-2013-6479)
    
    It was found that Pidgin crashed when a mouse pointer was hovered over
    a long URL. A remote attacker could use this flaw to crash Pidgin by
    sending a message containing a long URL string. (CVE-2013-6478)
    
    Red Hat would like to thank the Pidgin project for reporting these
    issues. Upstream acknowledges Thijs Alkemade, Robert Vehse, Jaime
    Breva Ribes, Jacob Appelbaum of the Tor Project, Daniel Atallah,
    Fabian Yamaguchi and Christian Wressnegger of the University of
    Goettingen, Matt Jones of Volvent, and Yves Younan, Ryan Pentney, and
    Pawel Janic of Sourcefire VRT as the original reporters of these
    issues.
    
    All pidgin users are advised to upgrade to these updated packages,
    which contain backported patches to correct these issues. Pidgin must
    be restarted for this update to take effect."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.pidgin.im/news/security/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2014:0139"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2013-6483"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2013-6482"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2013-6481"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2013-6487"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2013-6485"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2013-6484"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2013-6489"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2014-0020"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2013-6477"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2012-6152"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2013-6478"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2013-6479"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2013-6490"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:finch");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:finch-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libpurple");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libpurple-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libpurple-perl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libpurple-tcl");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pidgin");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pidgin-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pidgin-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pidgin-docs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pidgin-perl");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2014/02/06");
      script_set_attribute(attribute:"patch_publication_date", value:"2014/02/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/02/06");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 5.x / 6.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2014:0139";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"finch-2.6.6-32.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"finch-2.6.6-32.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"finch-devel-2.6.6-32.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"finch-devel-2.6.6-32.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"libpurple-2.6.6-32.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"libpurple-2.6.6-32.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"libpurple-devel-2.6.6-32.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"libpurple-devel-2.6.6-32.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"libpurple-perl-2.6.6-32.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"libpurple-perl-2.6.6-32.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"libpurple-tcl-2.6.6-32.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"libpurple-tcl-2.6.6-32.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"pidgin-2.6.6-32.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"pidgin-2.6.6-32.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"pidgin-debuginfo-2.6.6-32.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"pidgin-debuginfo-2.6.6-32.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"pidgin-devel-2.6.6-32.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"pidgin-devel-2.6.6-32.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"i386", reference:"pidgin-perl-2.6.6-32.el5")) flag++;
    
      if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"pidgin-perl-2.6.6-32.el5")) flag++;
    
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"finch-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"finch-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"finch-devel-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"finch-devel-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"libpurple-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libpurple-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"libpurple-devel-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libpurple-devel-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"libpurple-perl-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libpurple-perl-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"libpurple-tcl-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libpurple-tcl-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"pidgin-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"pidgin-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"pidgin-debuginfo-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"pidgin-debuginfo-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"pidgin-devel-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"pidgin-devel-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"pidgin-docs-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"pidgin-docs-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"pidgin-perl-2.7.9-27.el6")) flag++;
    
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"pidgin-perl-2.7.9-27.el6")) flag++;
    
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "finch / finch-devel / libpurple / libpurple-devel / libpurple-perl / etc");
      }
    }
    
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2014-034-01.NASL
    descriptionNew pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id72265
    published2014-02-04
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/72265
    titleSlackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : pidgin (SSA:2014-034-01)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-1999.NASL
    descriptionUpdate to 2.10.9 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-02-17
    plugin id72519
    published2014-02-17
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/72519
    titleFedora 19 : pidgin-2.10.9-1.fc19 (2014-1999)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2014-0139.NASL
    descriptionFrom Red Hat Security Advisory 2014:0139 : Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A heap-based buffer overflow flaw was found in the way Pidgin processed certain HTTP responses. A malicious server could send a specially crafted HTTP response, causing Pidgin to crash or potentially execute arbitrary code with the permissions of the user running Pidgin. (CVE-2013-6485) Multiple heap-based buffer overflow flaws were found in several protocol plug-ins in Pidgin (Gadu-Gadu, MXit, SIMPLE). A malicious server could send a specially crafted message, causing Pidgin to crash or potentially execute arbitrary code with the permissions of the user running Pidgin. (CVE-2013-6487, CVE-2013-6489, CVE-2013-6490) Multiple denial of service flaws were found in several protocol plug-ins in Pidgin (Yahoo!, XMPP, MSN, stun, IRC). A remote attacker could use these flaws to crash Pidgin by sending a specially crafted message. (CVE-2012-6152, CVE-2013-6477, CVE-2013-6481, CVE-2013-6482, CVE-2013-6484, CVE-2014-0020) It was found that the Pidgin XMPP protocol plug-in did not verify the origin of
    last seen2020-06-01
    modified2020-06-02
    plugin id72362
    published2014-02-06
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/72362
    titleOracle Linux 6 : pidgin (ELSA-2014-0139)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-2100-1.NASL
    descriptionThijs Alkemade and Robert Vehse discovered that Pidgin incorrectly handled the Yahoo! protocol. A remote attacker could use this issue to cause Pidgin to crash, resulting in a denial of service. (CVE-2012-6152) Jaime Breva Ribes discovered that Pidgin incorrectly handled the XMPP protocol. A remote attacker could use this issue to cause Pidgin to crash, resulting in a denial of service. (CVE-2013-6477) It was discovered that Pidgin incorrecly handled long URLs. A remote attacker could use this issue to cause Pidgin to crash, resulting in a denial of service. (CVE-2013-6478) Jacob Appelbaum discovered that Pidgin incorrectly handled certain HTTP responses. A malicious remote server or a man in the middle could use this issue to cause Pidgin to crash, resulting in a denial of service. (CVE-2013-6479) Daniel Atallah discovered that Pidgin incorrectly handled the Yahoo! protocol. A remote attacker could use this issue to cause Pidgin to crash, resulting in a denial of service. (CVE-2013-6481) Fabian Yamaguchi and Christian Wressnegger discovered that Pidgin incorrectly handled the MSN protocol. A remote attacker could use this issue to cause Pidgin to crash, resulting in a denial of service. (CVE-2013-6482) Fabian Yamaguchi and Christian Wressnegger discovered that Pidgin incorrectly handled XMPP iq replies. A remote attacker could use this issue to spoof messages. (CVE-2013-6483) It was discovered that Pidgin incorrectly handled STUN server responses. A remote attacker could use this issue to cause Pidgin to crash, resulting in a denial of service. (CVE-2013-6484) Matt Jones discovered that Pidgin incorrectly handled certain chunked HTTP responses. A malicious remote server or a man in the middle could use this issue to cause Pidgin to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-6485) Yves Younan and Ryan Pentney discovered that Pidgin incorrectly handled certain Gadu-Gadu HTTP messages. A malicious remote server or a man in the middle could use this issue to cause Pidgin to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-6487) Yves Younan and Pawel Janic discovered that Pidgin incorrectly handled MXit emoticons. A remote attacker could use this issue to cause Pidgin to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-6489) Yves Younan discovered that Pidgin incorrectly handled SIMPLE headers. A remote attacker could use this issue to cause Pidgin to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-6490) Daniel Atallah discovered that Pidgin incorrectly handled IRC argument parsing. A malicious remote server or a man in the middle could use this issue to cause Pidgin to crash, resulting in a denial of service. (CVE-2014-0020). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-18
    modified2014-02-07
    plugin id72386
    published2014-02-07
    reporterUbuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/72386
    titleUbuntu 12.04 LTS / 12.10 / 13.10 : pidgin vulnerabilities (USN-2100-1)
  • NASL familyWindows
    NASL idPIDGIN_2_10_8.NASL
    descriptionThe version of Pidgin installed on the remote host is a version prior to 2.10.8. It is, therefore, potentially affected by the following vulnerabilities : - The bundled version of Pango has an error that can lead to an application crash when rendering fonts and attempting to display certain Unicode characters. - Errors exist related to handling unspecified characters, incorrect character encoding, incorrect XMPP timestamps, hovering a pointer over a long URL, unspecified HTTP responses, Yahoo! P2P messages, STUN responses, and IRC arguments that could cause application crashes and denial of service conditions. (CVE-2012-6152, CVE-2013-6477, CVE-2013-6478, CVE-2013-6479, CVE-2013-6481, CVE-2013-6484, CVE-2014-0020) - Errors exist related to handling MSN SOAP, MSN OIM, and MSN header content that could cause application crashes when NULL pointers are dereferenced. (CVE-2013-6482) - An error exists related XMPP content such that the
    last seen2020-06-01
    modified2020-06-02
    plugin id72282
    published2014-02-04
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/72282
    titlePidgin < 2.10.8 Multiple Vulnerabilities
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-2859.NASL
    descriptionMultiple vulnerabilities have been discovered in Pidgin, a multi-protocol instant messaging client : - CVE-2013-6477 Jaime Breva Ribes discovered that a remote XMPP user can trigger a crash by sending a message with a timestamp in the distant future. - CVE-2013-6478 Pidgin could be crashed through overly wide tooltip windows. - CVE-2013-6479 Jacob Appelbaum discovered that a malicious server or a
    last seen2020-03-17
    modified2014-02-12
    plugin id72439
    published2014-02-12
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/72439
    titleDebian DSA-2859-1 : pidgin - several vulnerabilities
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201405-22.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201405-22 (Pidgin: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Pidgin. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the Pidgin process, cause a Denial of Service condition, overwrite files, or spoof traffic. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id74064
    published2014-05-19
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/74064
    titleGLSA-201405-22 : Pidgin: Multiple vulnerabilities
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20140205_PIDGIN_ON_SL5_X.NASL
    descriptionA heap-based buffer overflow flaw was found in the way Pidgin processed certain HTTP responses. A malicious server could send a specially crafted HTTP response, causing Pidgin to crash or potentially execute arbitrary code with the permissions of the user running Pidgin. (CVE-2013-6485) Multiple heap-based buffer overflow flaws were found in several protocol plug-ins in Pidgin (Gadu-Gadu, MXit, SIMPLE). A malicious server could send a specially crafted message, causing Pidgin to crash or potentially execute arbitrary code with the permissions of the user running Pidgin. (CVE-2013-6487, CVE-2013-6489, CVE-2013-6490) Multiple denial of service flaws were found in several protocol plug-ins in Pidgin (Yahoo!, XMPP, MSN, stun, IRC). A remote attacker could use these flaws to crash Pidgin by sending a specially crafted message. (CVE-2012-6152, CVE-2013-6477, CVE-2013-6481, CVE-2013-6482, CVE-2013-6484, CVE-2014-0020) It was found that the Pidgin XMPP protocol plug-in did not verify the origin of
    last seen2020-03-18
    modified2014-02-06
    plugin id72365
    published2014-02-06
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/72365
    titleScientific Linux Security Update : pidgin on SL5.x, SL6.x i386/x86_64 (20140205)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2014-132.NASL
    description - Update to version 2.10.8 (bnc#861019) : + General: Python build scripts and example plugins are now compatible with Python 3 (pidgin.im#15624). + libpurple : - Fix potential crash if libpurple gets an error attempting to read a reply from a STUN server (CVE-2013-6484). - Fix potential crash parsing a malformed HTTP response (CVE-2013-6479). - Fix buffer overflow when parsing a malformed HTTP response with chunked Transfer-Encoding (CVE-2013-6485). - Better handling of HTTP proxy responses with negative Content-Lengths. - Fix handling of SSL certificates without subjects when using libnss. - Fix handling of SSL certificates with timestamps in the distant future when using libnss (pidgin.im#15586). - Impose maximum download size for all HTTP fetches. + Pidgin : - Fix crash displaying tooltip of long URLs (CVE-2013-6478). - Better handling of URLs longer than 1000 letters. - Fix handling of multibyte UTF-8 characters in smiley themes (pidgin.im#15756). + AIM: Fix untrusted certificate error. + AIM and ICQ: Fix a possible crash when receiving a malformed message in a Direct IM session. + Gadu-Gadu : - Fix buffer overflow with remote code execution potential. Only triggerable by a Gadu-Gadu server or a man-in-the-middle (CVE-2013-6487). - Disabled buddy list import/export from/to server. - Disabled new account registration and password change options. + IRC : - Fix bug where a malicious server or man-in-the-middle could trigger a crash by not sending enough arguments with various messages (CVE-2014-0020). - Fix bug where initial IRC status would not be set correctly. - Fix bug where IRC wasn
    last seen2020-06-05
    modified2014-06-13
    plugin id75256
    published2014-06-13
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/75256
    titleopenSUSE Security Update : pidgin / pidgin-branding-openSUSE (openSUSE-SU-2014:0239-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2014-2013.NASL
    descriptionUpdate to 2.10.9 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-17
    modified2014-02-06
    plugin id72359
    published2014-02-06
    reporterThis script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/72359
    titleFedora 20 : pidgin-2.10.9-1.fc20 (2014-2013)

Redhat

advisories
rhsa
idRHSA-2014:0139
rpms
  • finch-0:2.6.6-32.el5
  • finch-0:2.7.9-27.el6
  • finch-devel-0:2.6.6-32.el5
  • finch-devel-0:2.7.9-27.el6
  • libpurple-0:2.6.6-32.el5
  • libpurple-0:2.7.9-27.el6
  • libpurple-devel-0:2.6.6-32.el5
  • libpurple-devel-0:2.7.9-27.el6
  • libpurple-perl-0:2.6.6-32.el5
  • libpurple-perl-0:2.7.9-27.el6
  • libpurple-tcl-0:2.6.6-32.el5
  • libpurple-tcl-0:2.7.9-27.el6
  • pidgin-0:2.6.6-32.el5
  • pidgin-0:2.7.9-27.el6
  • pidgin-debuginfo-0:2.6.6-32.el5
  • pidgin-debuginfo-0:2.7.9-27.el6
  • pidgin-devel-0:2.6.6-32.el5
  • pidgin-devel-0:2.7.9-27.el6
  • pidgin-docs-0:2.7.9-27.el6
  • pidgin-perl-0:2.6.6-32.el5
  • pidgin-perl-0:2.7.9-27.el6