Mandrake Linux Security Advisory : gaim (MDKSA-2005:139)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.

Synopsis :

The remote Mandrake Linux host is missing one or more security

Description :

Yet more vulnerabilities have been discovered in the gaim IM client.
Invalid characters in a sent file can cause Gaim to crash on some
systems (CVE-2005-2102); a remote AIM or ICQ user can cause a buffer
overflow in Gaim by setting an away message containing many AIM
substitution strings (CVE-2005-2103); a memory alignment bug in the
library used by Gaim to access the Gadu-Gadu network can result in a
buffer overflow on non-x86 architecture systems (CVE-2005-2370).

These problems have been corrected in gaim 1.5.0 which is provided
with this update.

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.5

Family: Mandriva Local Security Checks

Nessus Plugin ID: 19896 (mandrake_MDKSA-2005-139.nasl)

Bugtraq ID:

CVE ID: CVE-2005-2102

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now