This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote SuSE 10 host is missing a security-related patch.
pidgin was updated to fix 4 security issues :
- Fixed a crash when receiving UPnP responses with
abnormally long values. (CVE-2013-0274, bnc#804742)
- Fixed a crash in Sametime protocol when a malicious
server sends us an abnormally long user ID.
- Fixed a bug where the MXit server or a man-in-the-middle
could potentially send specially crafted data that could
overflow a buffer and lead to a crash or remote code
execution. (CVE-2013-0272, bnc#804742)
- Fixed a bug where a remote MXit user could possibly
specify a local file path to be written to.
See also :
Apply ZYPP patch number 8475.
Risk factor :
Medium / CVSS Base Score : 6.8