Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2011 Greenbone AGOPENVAS:1361412562310831451
HistorySep 12, 2011 - 12:00 a.m.

Mandriva Update for pidgin MDVSA-2011:132 (pidgin)

2011-09-1200:00:00
Copyright (C) 2011 Greenbone AG
plugins.openvas.org
16

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

7.7

Confidence

High

EPSS

0.11

Percentile

95.2%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2011 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_xref(name:"URL", value:"http://lists.mandriva.com/security-announce/2011-09/msg00005.php");
  script_oid("1.3.6.1.4.1.25623.1.0.831451");
  script_version("2023-07-14T16:09:26+0000");
  script_tag(name:"last_modification", value:"2023-07-14 16:09:26 +0000 (Fri, 14 Jul 2023)");
  script_tag(name:"creation_date", value:"2011-09-12 16:29:49 +0200 (Mon, 12 Sep 2011)");
  script_tag(name:"cvss_base", value:"4.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:N/A:P");
  script_xref(name:"MDVSA", value:"2011:132");
  script_cve_id("CVE-2011-2485", "CVE-2011-2943", "CVE-2011-3184");
  script_name("Mandriva Update for pidgin MDVSA-2011:132 (pidgin)");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'pidgin'
  package(s) announced via the referenced advisory.");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2011 Greenbone AG");
  script_family("Mandrake Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release", re:"ssh/login/release=MNDK_(mes5|2010\.1|2009\.0)");
  script_tag(name:"affected", value:"pidgin on Mandriva Linux 2009.0,
  Mandriva Linux 2009.0/X86_64,
  Mandriva Linux 2010.1,
  Mandriva Linux 2010.1/X86_64,
  Mandriva Enterprise Server 5,
  Mandriva Enterprise Server 5/X86_64");
  script_tag(name:"insight", value:"Multiple vulnerabilities has been identified and fixed in pidgin:

  It was found that the gdk-pixbuf GIF image loader routine
  gdk_pixbuf__gif_image_load() did not properly handle certain return
  values from its subroutines. A remote attacker could provide a
  specially-crafted GIF image, which, once opened in Pidgin, would lead
  gdk-pixbuf to return a partially initialized pixbuf structure. Using
  this structure, possibly containing a huge width and height, could
  lead to the application being terminated due to excessive memory use
  (CVE-2011-2485).

  Certain characters in the nicknames of IRC users can trigger a
  null pointer dereference in the IRC protocol plugin's handling of
  responses to WHO requests. This can cause a crash on some operating
  systems. Clients based on libpurple 2.8.0 through 2.9.0 are affected
  (CVE-2011-2943).

  Incorrect handling of HTTP 100 responses in the MSN protocol plugin
  can cause the application to attempt to access memory that it does
  not have access to. This only affects users who have turned on the
  HTTP connection method for their accounts (it's off by default). This
  might only be triggerable by a malicious server and not a malicious
  peer. We believe remote code execution is not possible (CVE-2011-3184).

  Packages for 2009.0 are provided as of the Extended Maintenance
  Program. This update provides pidgin 2.10.0, which is not vulnerable to
  these issues.");
  script_tag(name:"solution", value:"Please Install the Updated Packages.");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  script_xref(name:"URL", value:"http://store.mandriva.com/product_info.php?cPath=149&products_id=490");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release) exit(0);

res = "";

if(release == "MNDK_mes5")
{

  if ((res = isrpmvuln(pkg:"finch", rpm:"finch~2.10.0~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libfinch0", rpm:"libfinch0~2.10.0~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libpurple0", rpm:"libpurple0~2.10.0~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libpurple-devel", rpm:"libpurple-devel~2.10.0~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin", rpm:"pidgin~2.10.0~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-bonjour", rpm:"pidgin-bonjour~2.10.0~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-client", rpm:"pidgin-client~2.10.0~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-gevolution", rpm:"pidgin-gevolution~2.10.0~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-i18n", rpm:"pidgin-i18n~2.10.0~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-meanwhile", rpm:"pidgin-meanwhile~2.10.0~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-perl", rpm:"pidgin-perl~2.10.0~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-plugins", rpm:"pidgin-plugins~2.10.0~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-silc", rpm:"pidgin-silc~2.10.0~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-tcl", rpm:"pidgin-tcl~2.10.0~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64finch0", rpm:"lib64finch0~2.10.0~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64purple0", rpm:"lib64purple0~2.10.0~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64purple-devel", rpm:"lib64purple-devel~2.10.0~0.1mdvmes5.2", rls:"MNDK_mes5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}


if(release == "MNDK_2010.1")
{

  if ((res = isrpmvuln(pkg:"finch", rpm:"finch~2.10.0~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libfinch0", rpm:"libfinch0~2.10.0~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libpurple0", rpm:"libpurple0~2.10.0~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libpurple-devel", rpm:"libpurple-devel~2.10.0~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin", rpm:"pidgin~2.10.0~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-bonjour", rpm:"pidgin-bonjour~2.10.0~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-client", rpm:"pidgin-client~2.10.0~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-gevolution", rpm:"pidgin-gevolution~2.10.0~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-i18n", rpm:"pidgin-i18n~2.10.0~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-meanwhile", rpm:"pidgin-meanwhile~2.10.0~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-perl", rpm:"pidgin-perl~2.10.0~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-plugins", rpm:"pidgin-plugins~2.10.0~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-silc", rpm:"pidgin-silc~2.10.0~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-tcl", rpm:"pidgin-tcl~2.10.0~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64finch0", rpm:"lib64finch0~2.10.0~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64purple0", rpm:"lib64purple0~2.10.0~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64purple-devel", rpm:"lib64purple-devel~2.10.0~0.1mdv2010.2", rls:"MNDK_2010.1")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}


if(release == "MNDK_2009.0")
{

  if ((res = isrpmvuln(pkg:"finch", rpm:"finch~2.10.0~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libfinch0", rpm:"libfinch0~2.10.0~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libpurple0", rpm:"libpurple0~2.10.0~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"libpurple-devel", rpm:"libpurple-devel~2.10.0~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin", rpm:"pidgin~2.10.0~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-bonjour", rpm:"pidgin-bonjour~2.10.0~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-client", rpm:"pidgin-client~2.10.0~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-gevolution", rpm:"pidgin-gevolution~2.10.0~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-i18n", rpm:"pidgin-i18n~2.10.0~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-meanwhile", rpm:"pidgin-meanwhile~2.10.0~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-perl", rpm:"pidgin-perl~2.10.0~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-plugins", rpm:"pidgin-plugins~2.10.0~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-silc", rpm:"pidgin-silc~2.10.0~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"pidgin-tcl", rpm:"pidgin-tcl~2.10.0~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64finch0", rpm:"lib64finch0~2.10.0~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64purple0", rpm:"lib64purple0~2.10.0~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if ((res = isrpmvuln(pkg:"lib64purple-devel", rpm:"lib64purple-devel~2.10.0~0.1mdv2009.0", rls:"MNDK_2009.0")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}

Related

nessus 15
openvas 33
fedora 9
securityvulns 4
ubuntucve 3
altlinux 7
cve 3
nvd 3
debiancve 3
prion 3
seebug 1
cvelist 3
slackware 1
gentoo 2
ubuntu 1
osv 1
oraclelinux 2
nessus
nessus
Mandriva Linux Security Advisory : pidgin (MDVSA-2011:132-1)
2011-09-07 00:00:00
Pidgin < 2.10.0 Multiple Vulnerabilities
2011-08-22 00:00:00
Fedora 14 : gdk-pixbuf2-2.22.0-2.fc14 (2011-8667)
2011-08-17 00:00:00
openvas
openvas
Mandriva Update for pidgin MDVSA-2011:132 (pidgin)
2011-09-12 00:00:00
Fedora Update for pidgin FEDORA-2011-11544
2011-09-07 00:00:00
Fedora Update for pidgin FEDORA-2011-11544
2011-09-07 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: pidgin-2.10.0-1.fc15
2011-08-31 01:28:05
[SECURITY] Fedora 14 Update: pidgin-2.10.0-1.fc14
2011-09-07 00:29:29
[SECURITY] Fedora 15 Update: pidgin-2.9.0-1.fc15
2011-07-04 18:56:36
securityvulns
securityvulns
Pidgin code execution
2011-08-30 00:00:00
[slackware-security] pidgin &#40;SSA:2011-178-01&#41;
2011-07-04 00:00:00
pidgin instant messenger DoS
2011-07-04 00:00:00
ubuntucve
ubuntucve
CVE-2011-2485
2012-07-03 00:00:00
CVE-2011-2943
2011-08-29 00:00:00
CVE-2011-3184
2011-08-29 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 5 package pidgin version 2.10.0-alt0.M50P.1
2011-10-03 00:00:00
Security fix for the ALT Linux 5 package pidgin-mini version 2.9.0-alt1
2011-06-27 00:00:00
Security fix for the ALT Linux 6 package pidgin version 2.9.0-alt1
2011-06-28 00:00:00
cve
cve
CVE-2011-2485
2012-07-03 16:40:29
CVE-2011-2943
2011-08-29 17:55:00
CVE-2011-3184
2011-08-29 17:55:01
nvd
nvd
CVE-2011-2485
2012-07-03 16:40:29
CVE-2011-2943
2011-08-29 17:55:00
CVE-2011-3184
2011-08-29 17:55:01
debiancve
debiancve
CVE-2011-2943
2011-08-29 17:55:00
CVE-2011-2485
2012-07-03 16:40:29
CVE-2011-3184
2011-08-29 17:55:01
prion
prion
Null pointer dereference
2011-08-29 17:55:00
Design/Logic Flaw
2012-07-03 16:40:00
Code injection
2011-08-29 17:55:00
seebug
seebug
Pidginๆ‹’็ปๆœๅŠกๅ’Œๅฎ‰ๅ…จ็ป•่ฟ‡ๆผๆดž
2011-08-25 00:00:00
cvelist
cvelist
CVE-2011-2943
2011-08-29 17:00:00
CVE-2011-2485
2012-07-03 16:00:00
CVE-2011-3184
2011-08-29 17:00:00
slackware
slackware
[slackware-security] pidgin
2011-06-28 04:19:23
gentoo
gentoo
gdk-pixbuf: Denial of service
2012-06-23 00:00:00
Pidgin: Multiple vulnerabilities
2012-06-21 00:00:00
ubuntu
ubuntu
Pidgin vulnerabilities
2011-11-21 00:00:00
osv
osv
gdk-pixbuf-devel-2.36.0-1.1 on GA media
2024-06-15 00:00:00
oraclelinux
oraclelinux
pidgin security update
2012-07-19 00:00:00
pidgin security update
2013-03-14 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

7.7

Confidence

High

EPSS

0.11

Percentile

95.2%

JSON
Related for OPENVAS:1361412562310831451
nessus15openvas33fedora9securityvulns4ubuntucve3altlinux7cve3nvd3debiancve3prion3seebug1cvelist3slackware1gentoo2ubuntu1osv1oraclelinux2