RHEL 2.1 : gaim (RHSA-2005:589)

This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.

Synopsis :

The remote Red Hat host is missing a security update.

Description :

An updated gaim package that fixes a buffer overflow security issue is
now available.

This update has been rated as having critical security impact by the
Red Hat Security Response Team.

Gaim is an Internet Instant Messaging client.

A heap based buffer overflow issue was discovered in the way Gaim
processes away messages. A remote attacker could send a specially
crafted away message to a Gaim user logged into AIM or ICQ which could
result in arbitrary code execution. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CVE-2005-2103
to this issue.

Users of gaim are advised to upgrade to this updated package, which
contains backported patches and is not vulnerable to this issue.

See also :


Solution :

Update the affected gaim package.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : false

Family: Red Hat Local Security Checks

Nessus Plugin ID: 19422 ()

Bugtraq ID: 14531

CVE ID: CVE-2005-2103

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now