Download
| Alert*
|
oval:org.secpod.oval:def:300610
Security vulnerabilities has been identified and fixed in pidgin: The NSS plugin in libpurple in Pidgin 2.4.1 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service. Pidgin 2.4.1 allows remote a ... oval:org.secpod.oval:def:300498 The NSS plugin in libpurple in Pidgin 2.4.1 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service. Pidgin 2.4.1 allows remote attackers to cause a denial of service via a long filename that co ... oval:org.secpod.oval:def:16931 The host is installed with Pidgin 2.4.1 and is prone to denial of service vulnerability. The flaw is present in the msn_slplink_process_msg function, which fails to handle a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msn_slplin ... oval:org.secpod.oval:def:700175 It was discovered that Pidgin did not properly handle certain topic messages in the IRC protocol handler. If a user were tricked into connecting to a malicious IRC server, an attacker could cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 8.04 LTS, Ubuntu 8.10 a ... |
