The host is installed with Pidgin before 2.11.0 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle the password encryption. Successful exploitation allows attackers to decrypt hashed passwords by leveraging knowledge of client registration codes or gain login access by eavesdropping on login messages and re-using the hashed ...