Family: Red Hat Local Security Checks --> Category: infos
RHSA-2002-191: gaim Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the gaim packages
Detailed Explanation for this Vulnerability Test
Updated gaim packages are now available for Red Hat Linux Advanced Server.
These updates fix a vulnerability in the default URL handler.
Gaim is an all-in-one instant messaging client that lets you use a number
messaging protocols such as AIM, ICQ, and Yahoo, all at once.
Versions of gaim prior to 0.59.1 contain a bug in the URL handler of
the manual browser option. A link can be carefully crafted to contain
an arbitrary shell script which will be executed if the user clicks on
Users of gaim should update to these errata packages containing gaim
0.59.1 which is not vulnerable to this issue.
Solution : http://rhn.redhat.com/errata/RHSA-2002-191.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.