This script is Copyright (C) 2005-2015 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200505-09
(Gaim: Denial of Service and buffer overflow vulnerabilties)
Stu Tomlinson discovered that Gaim is vulnerable to a remote stack
based buffer overflow when receiving messages in certain protocols,
like Jabber and SILC, with a very long URL (CAN-2005-1261). Siebe
Tolsma discovered that Gaim is also vulnerable to a remote Denial of
Service attack when receiving a specially crafted MSN message
A remote attacker could cause a buffer overflow by sending an
instant message with a very long URL, potentially leading to the
execution of malicious code. By sending a SLP message with an empty
body, a remote attacker could cause a Denial of Service or crash of the
There are no known workarounds at this time.
See also :
All Gaim users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=net-im/gaim-1.3.0'
Risk factor :
High / CVSS Base Score : 7.5
Family: Gentoo Local Security Checks
Nessus Plugin ID: 18252 (gentoo_GLSA-200505-09.nasl)
CVE ID: CVE-2005-1261CVE-2005-1262
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.