Rapid7 Vulnerability & Exploit Database

RHSA-2002:107: Updated gaim client fixes Jabber plug-in vulnerability (Powertools)

Back to Search

RHSA-2002:107: Updated gaim client fixes Jabber plug-in vulnerability (Powertools)

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
10/04/2002
Created
07/25/2018
Added
03/24/2010
Modified
07/04/2017

Description

Updated gaim packages are now available for Red Hat Powertools 7. These updates fix a buffer overflow in the Jabber plug-in module.

Gaim is an instant messaging client written in GTK and is based on the published TOC messaging protocol from AOL. Versions of gaim prior to 0.58 contained a buffer overflow in the Jabber plug-in module. Users of gaim should update to these errata packages containing gaim 0.59 which is not vulnerable to this issue. Please note that gaim version 0.57 had an additional security problem which has been fixed in version 0.58 (CAN-2002-0377), however Red Hat Powertools did not ship with version 0.57 and was not vulnerable to this issue.

Solution(s)

  • redhat-upgrade-gaim

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;