High Nessus Plugin ID 14264
SynopsisThe remote host is missing a vendor-supplied security patch
DescriptionThe remote host is missing the patch for the advisory SUSE-SA:2004:025 (gaim).
Gaim is an instant messaging client which supports a wide range of protocols.
Sebastian Krahmer of the SuSE Security Team discovered various remotely exploitable buffer overflows in the MSN-protocol parsing functions during a code review of the MSN protocol handling code.
Remote attackers can execute arbitrary code as the user running the gaim client.
The vulnerable code exists in SUSE Linux 9.1 only.