Family: Red Hat Local Security Checks --> Category: infos
RHSA-2002-122: gaim Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the gaim packages
Detailed Explanation for this Vulnerability Test
Updated gaim packages are now available for Red Hat Linux Advanced Server.
These updates fix a buffer overflow in the Jabber plug-in module.
Gaim is an instant messaging client based on the published TOC protocol
from AOL. Versions of gaim prior to 0.58 contain a buffer overflow in the
Jabber plug-in module.
Users of gaim should update to these errata packages containing gaim
0.59 which is not vulnerable to this issue.
Please note that gaim version 0.57 had an additional security problem
which has been fixed in version 0.58 (CVE-2002-0377)
however, Red Hat
Linux Advanced Server did not ship with version 0.57 and was not vulnerable
to this issue.
[update 14 Aug 2002]
Previous packages pushed were not signed, this update replaces the packages
with signed versions
Solution : http://rhn.redhat.com/errata/RHSA-2002-122.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.