FrSIRT - Fedora Security Update Fixes Pidgin Remote Denial of Service Vulnerability / Exploit (Security Advisories)

French Security Incident Response Team

French

English

Fedora Security Update Fixes Pidgin Remote Denial of Service Vulnerability

Title : Fedora Security Update Fixes Pidgin Remote Denial of Service Vulnerability
Advisory ID : FrSIRT/ADV-2007-3373
CVE ID : CVE-2007-4996
Rated as : Moderate Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-10-05

Advisory Details

Description

Affected Products

Solution

References

Technical Description

A vulnerability has been identified in Fedora, which could be exploited by remote attackers to cause a denial of service [...]

Solution

Upgrade the affected packages :

1fd2b17ccd19358e4cb80260a42865be77e1ce0d finch-2.2.1-1.fc7.ppc64.rpm
aee780078a9d282f8fde602472e2a0e467456bd9 pidgin-devel-2.2.1-1.fc7.ppc64.rpm
bdf8404b65ed66c2e876bbaee0aae8e27221bf66 libpurple-devel-2.2.1-1.fc7.ppc64.rpm
989231a51da735c9f151ffa6870faa19d39bb411 pidgin-perl-2.2.1-1.fc7.ppc64.rpm
cbb98d11c7d889558d4ea68ed616faed3b91718f pidgin-2.2.1-1.fc7.ppc64.rpm
4cebb7903097018b87052955a92ffaa09d09e35c libpurple-tcl-2.2.1-1.fc7.ppc64.rpm
100c436eb959b8e8749038873ce2370c3c97021d libpurple-perl-2.2.1-1.fc7.ppc64.rpm
a02ee081b0f0136022201591c22e7ac68703e44d pidgin-debuginfo-2.2.1-1.fc7.ppc64.rpm
bfbfe0af13fef9ffe018cef80d25f2da5dc4d15c finch-devel-2.2.1-1.fc7.ppc64.rpm
b4b2fd6aaf9ec44666826d1604ff722f1870e420 libpurple-2.2.1-1.fc7.ppc64.rpm
61e230f5224df6101bf776a568abe2d7a118506d finch-2.2.1-1.fc7.i386.rpm
36d86f2868eee87a06ff3e4c2c3c0e392b19b524 pidgin-2.2.1-1.fc7.i386.rpm
d5fe37158e49f7b74bcfa07659145d226a1f42ee libpurple-devel-2.2.1-1.fc7.i386.rpm
b5de0396a7a47d6f1575b912d75c755b782ed4b7 pidgin-perl-2.2.1-1.fc7.i386.rpm
527b8c79899f99ecbdc4bcf62917916745e042bb libpurple-tcl-2.2.1-1.fc7.i386.rpm
99537dc21782cbfea9eaefd3ad1d2de53a1d5f07 libpurple-2.2.1-1.fc7.i386.rpm
515f1baa39457125743f8470e4efd10dc47e5bed finch-devel-2.2.1-1.fc7.i386.rpm
023a3429b2a32d77166769f6ce32d95d04867b31 pidgin-debuginfo-2.2.1-1.fc7.i386.rpm
105715c1b988dc33dced6ba614cdc298816e5b25 pidgin-devel-2.2.1-1.fc7.i386.rpm
facda47de9680ba2dd85e35f2ca1d7092ddf57b3 libpurple-perl-2.2.1-1.fc7.i386.rpm
b2b6f90242828a215248ec224dc6deebee79cc21 libpurple-perl-2.2.1-1.fc7.x86_64.rpm
8cd87905480b5a992d34dbe98fa6aa4601e6a4e1 libpurple-devel-2.2.1-1.fc7.x86_64.rpm
e6d642f8090658595005d2398541140a8fb065f5 pidgin-devel-2.2.1-1.fc7.x86_64.rpm
206c001676f7e37172d17816bf36b8f1ae99f814 finch-devel-2.2.1-1.fc7.x86_64.rpm
ccad7f99d346c8f0a89a9ab037be6a43812a5ed4 pidgin-perl-2.2.1-1.fc7.x86_64.rpm
338a2a241a933e8a81c17c9cf387718e1d40c2b9 finch-2.2.1-1.fc7.x86_64.rpm
6152293dd7f524613ee21e5ca1df2ce2434939bc libpurple-2.2.1-1.fc7.x86_64.rpm
b3a409e0b8b0544b5d156f50dc3100db8f29af4d pidgin-debuginfo-2.2.1-1.fc7.x86_64.rpm
df3abe323428c1375d9ebd336296d95e85ed3530 pidgin-2.2.1-1.fc7.x86_64.rpm
2284320a5f802350d5f46c75c5f19a18193db4ab libpurple-tcl-2.2.1-1.fc7.x86_64.rpm
0252e9b5a827f3bacccba103bef98c6590ff6557 libpurple-tcl-2.2.1-1.fc7.ppc.rpm
d97ca4d818dd09f7bd91cbdbc2cd3d613b8bd0c2 pidgin-debuginfo-2.2.1-1.fc7.ppc.rpm
af5a1690a0e6f7dc40c35ee7502732fbcf566210 libpurple-perl-2.2.1-1.fc7.ppc.rpm
80760011fa7026fccae58458c4bba933accf2b48 libpurple-devel-2.2.1-1.fc7.ppc.rpm
60dece3ff9da03ecd02d35bd89be00592a8591a2 libpurple-2.2.1-1.fc7.ppc.rpm
ea2e9b6472c301ed8bb99518a95ca37a5f2d89bb pidgin-devel-2.2.1-1.fc7.ppc.rpm
75bab10cd9adb2b7a6f7f7a5e9a63c26ca713fb3 finch-2.2.1-1.fc7.ppc.rpm
25c62eeaffeee7efe35fc77a66771b0f07480580 pidgin-2.2.1-1.fc7.ppc.rpm
29247e9cddcf0adc3e309e9b38d93c7c76d0ca67 pidgin-perl-2.2.1-1.fc7.ppc.rpm
29744696b89896f4d8eebf97dfa7cdecfaf5891d finch-devel-2.2.1-1.fc7.ppc.rpm
dd80bf4cd6e060378009574373b2e97b29e1dc56 pidgin-2.2.1-1.fc7.src.rpm

ChangeLog

2007-10-05 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.

Mailinglist

	Mozilla Products Code Execution and Security Bypass Vulnerabilities
	Mozilla Firefox Shortcut Handlingg Information Disclosure Vulnerability
	Mozilla Products Code Execution and Security Bypass Vulnerabilities
	Mozilla Firefox for Mac OS X GIF Rendering Code Execution Vulnerability
	Mozilla Products Remote Code Execution and Security Bypass Issues
	Mozilla Products Code Execution and Injection Vulnerabilities
	Mozilla JavaScript Garbage Collector Code Execution Vulnerability

	Oracle and BEA Products Multiple Code Execution Vulnerabilities
	Oracle Products Multiple Code Execution and Security Bypass Issues
	Oracle Products Command Execution and SQL Injection Vulnerabilities
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle Database "PITRIG_DROPMETADATA" Buffer Overflow Vulnerability
	Oracle Products Multiple Code Execution and SQL Injection Vulnerabilities
	Oracle JInitiator ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities

	Cisco IOS/CatOS VLAN Trunking Protocol DoS Vulnerability
	Cisco PIX and ASA Security Bypass and Denial of Service
	Cisco Unity Security Bypass and Denial of Service
	Cisco UCM SIP Remote Denial of Service
	Cisco IOS Denial of Service and Security Bypass Vulnerabilities
	Cisco PIX and ASA Information Disclosure and DoS Vulnerabilities
	Cisco Secure ACS EAP Remote Denial Of Service Vulnerability