Debian DSA-2453-1 : gajim - several vulnerabilities

high Nessus Plugin ID 58766

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in Gajim, a feature-rich Jabber client. The Common Vulnerabilities and Exposures project identifies the following problems:

- CVE-2012-1987: Gajim does not properly sanitize input before passing it to shell commands. An attacker can use this flaw to execute arbitrary code on behalf of the victim if the user, for example, clicks on a specially crafted URL in an instant message.

- CVE-2012-2093: Gajim uses predictable temporary files in an insecure manner when converting instant messages containing LaTeX to images. A local attacker can use this flaw to conduct symlink attacks and overwrite files the victim has write access to.

- CVE-2012-2086: Gajim does not properly sanitize input when logging conversations, which makes SQL injection attacks possible.

Solution

Upgrade the gajim packages.

For the stable distribution (squeeze), this problem has been fixed in version 0.13.4-3+squeeze3.

See Also

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668038

https://security-tracker.debian.org/tracker/CVE-2012-1987

https://security-tracker.debian.org/tracker/CVE-2012-2093

https://security-tracker.debian.org/tracker/CVE-2012-2086

https://packages.debian.org/source/squeeze/gajim

https://www.debian.org/security/2012/dsa-2453

Plugin Details

Severity: High

ID: 58766

File Name: debian_DSA-2453.nasl

Version: 1.12

Type: local

Agent: unix

Published: 4/17/2012

Updated: 1/11/2021

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:gajim, cpe:/o:debian:debian_linux:6.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/16/2012

Reference Information

CVE: CVE-2012-2085, CVE-2012-2086, CVE-2012-2093

BID: 52943

DSA: 2453