what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2009-127

Mandriva Linux Security Advisory 2009-127
Posted Jun 4, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-127 - It was discovered that Gaim did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary, protocol
systems | linux, mandriva
advisories | CVE-2008-2927
SHA-256 | c129ddafc8e6adbe84ce0db1d2f64f157d4c61e4660c21d8942f61dda334aa16

Mandriva Linux Security Advisory 2009-127

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2009:127
https://www.mandriva.com/security/
_______________________________________________________________________

Package : gaim
Date : June 3, 2009
Affected: Corporate 3.0
_______________________________________________________________________

Problem Description:

It was discovered that Gaim did not properly handle certain malformed
messages in the MSN protocol handler. A remote attacker could send
a specially crafted message and possibly execute arbitrary code with
user privileges. (CVE-2008-2927)
_______________________________________________________________________

References:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2927
_______________________________________________________________________

Updated Packages:

Corporate 3.0:
f33a114cbf007f28fd6e8198ca1ebca2 corporate/3.0/i586/gaim-1.5.0-0.2.C30mdk.i586.rpm
36237a65920d5ed005aa3a15a4cd3c56 corporate/3.0/i586/gaim-devel-1.5.0-0.2.C30mdk.i586.rpm
638615c071a4118e4ecbec232930308d corporate/3.0/i586/gaim-perl-1.5.0-0.2.C30mdk.i586.rpm
c4d0735b587705b70c1423b4a79d89ca corporate/3.0/i586/gaim-tcl-1.5.0-0.2.C30mdk.i586.rpm
7db03353a62b5de39906113c585c5fb4 corporate/3.0/i586/libgaim-remote0-1.5.0-0.2.C30mdk.i586.rpm
671616d112af90f9cffc359aa08c764f corporate/3.0/i586/libgaim-remote0-devel-1.5.0-0.2.C30mdk.i586.rpm
43d70b5e7e3dda956660cda4a88e9e8b corporate/3.0/SRPMS/gaim-1.5.0-0.2.C30mdk.src.rpm

Corporate 3.0/X86_64:
1c01cd160fc75a94efec2aa945e36b35 corporate/3.0/x86_64/gaim-1.5.0-0.2.C30mdk.x86_64.rpm
8262c9b0566cd80792c0bdc937821125 corporate/3.0/x86_64/gaim-devel-1.5.0-0.2.C30mdk.x86_64.rpm
d3ca7daf40fcae4792f3e005e546a1f2 corporate/3.0/x86_64/gaim-perl-1.5.0-0.2.C30mdk.x86_64.rpm
23d7f53561346118cbf3aef045a325a5 corporate/3.0/x86_64/gaim-tcl-1.5.0-0.2.C30mdk.x86_64.rpm
d1f44f583038fe88d01afb1df936072f corporate/3.0/x86_64/lib64gaim-remote0-1.5.0-0.2.C30mdk.x86_64.rpm
fbb9ef34e9771a666717d6ea45246cf1 corporate/3.0/x86_64/lib64gaim-remote0-devel-1.5.0-0.2.C30mdk.x86_64.rpm
43d70b5e7e3dda956660cda4a88e9e8b corporate/3.0/SRPMS/gaim-1.5.0-0.2.C30mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

https://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKJniEmqjQ0CJFipgRAmmYAJ9Ws9bVrOxm9QaFSM7UmlpwR4qYSQCfeaER
dMI/55ysmlo17nZXRkr0P2k=
=NIbs
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close