FreeBSD : pidgin -- multiple vulnerabilities (b1ca65e6-5aaf-11de-bc9b-0030843d3802)
High Nessus Plugin ID 39426
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionSecunia reports :
Some vulnerabilities and weaknesses have been reported in Pidgin, which can be exploited by malicious people to cause a DoS or to potentially compromise a user's system.
A truncation error in the processing of MSN SLP messages can be exploited to cause a buffer overflow.
A boundary error in the XMPP SOCKS5 'bytestream' server when initiating an outgoing file transfer can be exploited to cause a buffer overflow.
A boundary error exists in the implementation of the 'PurpleCircBuffer' structure. This can be exploited to corrupt memory and cause a crash via specially crafted XMPP or Sametime packets.
A boundary error in the 'decrypt_out()' function can be exploited to cause a stack-based buffer overflow with 8 bytes and crash the application via a specially crafted QQ packet.
SolutionUpdate the affected packages.