Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Ubuntu Local Security Checks --> Category: infos

USN106-1 : gaim vulnerabilities Vulnerability Scan

Vulnerability Scan Summary
gaim vulnerabilities

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote package "gaim" is missing a security patch.

Description :

Jean-Yves Lefort discovered a buffer overflow in the
gaim_markup_strip_html() function. This caused Gaim to crash when
receiving certain malformed HTML messages. (CVE-2005-0965)

Jean-Yves Lefort also noticed that many functions that handle IRC
commands do not escape received HTML metacharacters
this allowed
remote attackers to cause a Denial of Service by injecting arbitrary
HTML code into the conversation window, popping up arbitrarily many
empty dialog boxes, or even causing Gaim to crash. (CVE-2005-0966)

Solution :

Upgrade to :
- gaim-1.0.0-1ubuntu1.3 (Ubuntu 4.10)

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.