Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name MDVSA-2010:001 First vendor Publication 2010-01-11
Vendor Mandriva Last vendor Modification 2010-01-11
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Security vulnerabilities has been identified and fixed in pidgin:

The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client (CVE-2009-3615).

Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon (CVE-2010-0013).

Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.

This update provides pidgin 2.6.5, which is not vulnerable to these issues.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2010:001

CAPEC : Common Attack Pattern Enumeration & Classification

Id Name
CAPEC-23 File System Function Injection, Content Based
CAPEC-64 Using Slashes and URL Encoding Combined to Bypass Validation Logic
CAPEC-76 Manipulating Input to File System Calls
CAPEC-78 Using Escaped Slashes in Alternate Encoding
CAPEC-79 Using Slashes in Alternate Encoding
CAPEC-139 Relative Path Traversal

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-399 Resource Management Errors
50 % CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10333
 
Oval ID: oval:org.mitre.oval:def:10333
Title: Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon.
Description: Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon.
Family: unix Class: vulnerability
Reference(s): CVE-2010-0013
Version: 5
Platform(s): Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13444
 
Oval ID: oval:org.mitre.oval:def:13444
Title: DSA-1932-1 pidgin -- programming error
Description: It was discovered that incorrect pointer handling in the purple library, an internal component of the multi-protocol instant messaging client Pidgin, could lead to denial of service or the execution of arbitrary code through malformed contact requests. For the stable distribution, this problem has been fixed in version 2.4.3-4lenny5. For the unstable distribution, this problem has been fixed in version 2.6.3-1. We recommend that you upgrade your pidgin package.
Family: unix Class: patch
Reference(s): DSA-1932-1
CVE-2009-3615
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): pidgin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17620
 
Oval ID: oval:org.mitre.oval:def:17620
Title: Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon
Description: Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon.
Family: windows Class: vulnerability
Reference(s): CVE-2010-0013
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Pidgin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18388
 
Oval ID: oval:org.mitre.oval:def:18388
Title: The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client
Description: The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client.
Family: windows Class: vulnerability
Reference(s): CVE-2009-3615
Version: 3
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 8
Microsoft Windows Server 2012
Product(s): Pidgin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22173
 
Oval ID: oval:org.mitre.oval:def:22173
Title: RHSA-2010:0044: pidgin security update (Important)
Description: Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon.
Family: unix Class: patch
Reference(s): RHSA-2010:0044-01
CESA-2010:0044
CVE-2010-0013
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): pidgin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22975
 
Oval ID: oval:org.mitre.oval:def:22975
Title: ELSA-2009:1536: pidgin security update (Moderate)
Description: The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client.
Family: unix Class: patch
Reference(s): ELSA-2009:1536-01
CVE-2009-3615
Version: 6
Platform(s): Oracle Linux 5
Product(s): pidgin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23006
 
Oval ID: oval:org.mitre.oval:def:23006
Title: ELSA-2010:0044: pidgin security update (Important)
Description: Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon.
Family: unix Class: patch
Reference(s): ELSA-2010:0044-01
CVE-2010-0013
Version: 6
Platform(s): Oracle Linux 5
Product(s): pidgin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29046
 
Oval ID: oval:org.mitre.oval:def:29046
Title: RHSA-2009:1536 -- pidgin security update (Moderate)
Description: Updated pidgin packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. The AOL Open System for Communication in Realtime (OSCAR) protocol is used by the AOL ICQ and AIM instant messaging systems. An invalid pointer dereference bug was found in the way the Pidgin OSCAR protocol implementation processed lists of contacts. A remote attacker could send a specially-crafted contact list to a user running Pidgin, causing Pidgin to crash. (CVE-2009-3615)
Family: unix Class: patch
Reference(s): RHSA-2009:1536
CESA-2009:1536-CentOS 5
CVE-2009-3615
Version: 3
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 4
CentOS Linux 5
Product(s): pidgin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8221
 
Oval ID: oval:org.mitre.oval:def:8221
Title: DSA-1932 pidgin -- programming error
Description: It was discovered that incorrect pointer handling in the purple library, an internal component of the multi-protocol instant messaging client Pidgin, could lead to denial of service or the execution of arbitrary code through malformed contact requests.
Family: unix Class: patch
Reference(s): DSA-1932
CVE-2009-3615
Version: 3
Platform(s): Debian GNU/Linux 5.0
Product(s): pidgin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:844
 
Oval ID: oval:org.mitre.oval:def:844
Title: MSN Messenger Remote File Access Vulnerability
Description: Microsoft MSN Messenger 6.0 and 6.1 does not properly handle certain requests, which allows remote attackers to read arbitrary files.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0122
Version: 5
Platform(s): Microsoft Windows 95
Microsoft Windows 98
Microsoft Windows ME
Microsoft Windows NT
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Product(s): MSN Messenger
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9414
 
Oval ID: oval:org.mitre.oval:def:9414
Title: The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client.
Description: The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3615
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 19
Application 2
Application 41
Os 2
Os 6
Os 2
Os 1
Os 2

ExploitDB Exploits

id Description
2010-01-19 Pidgin MSN <= 2.6.4 File Download Vulnerability

OpenVAS Exploits

Date Description
2012-08-10 Name : Gentoo Security Advisory GLSA 201206-11 (Pidgin)
File : nvt/glsa_201206_11.nasl
2011-08-09 Name : CentOS Update for finch CESA-2010:0044 centos5 i386
File : nvt/gb_CESA-2010_0044_finch_centos5_i386.nasl
2011-08-09 Name : CentOS Update for finch CESA-2009:1536 centos5 i386
File : nvt/gb_CESA-2009_1536_finch_centos5_i386.nasl
2011-08-09 Name : CentOS Update for finch CESA-2009:1536 centos4 i386
File : nvt/gb_CESA-2009_1536_finch_centos4_i386.nasl
2011-08-09 Name : CentOS Update for pidgin CESA-2009:1535 centos3 i386
File : nvt/gb_CESA-2009_1535_pidgin_centos3_i386.nasl
2010-11-16 Name : Fedora Update for pidgin FEDORA-2010-17130
File : nvt/gb_fedora_2010_17130_pidgin_fc12.nasl
2010-08-02 Name : Fedora Update for pidgin FEDORA-2010-11315
File : nvt/gb_fedora_2010_11315_pidgin_fc12.nasl
2010-05-28 Name : Fedora Update for pidgin FEDORA-2010-8524
File : nvt/gb_fedora_2010_8524_pidgin_fc12.nasl
2010-05-28 Name : Fedora Update for pidgin FEDORA-2010-8523
File : nvt/gb_fedora_2010_8523_pidgin_fc11.nasl
2010-05-04 Name : FreeBSD Ports: pidgin
File : nvt/freebsd_pidgin1.nasl
2010-04-30 Name : Mandriva Update for pidgin MDVSA-2010:085 (pidgin)
File : nvt/gb_mandriva_MDVSA_2010_085.nasl
2010-03-02 Name : Fedora Update for pidgin FEDORA-2010-0429
File : nvt/gb_fedora_2010_0429_pidgin_fc11.nasl
2010-03-02 Name : Mandriva Update for dhcp MDVA-2010:085 (dhcp)
File : nvt/gb_mandriva_MDVA_2010_085.nasl
2010-03-02 Name : Fedora Update for pidgin FEDORA-2010-1383
File : nvt/gb_fedora_2010_1383_pidgin_fc12.nasl
2010-03-02 Name : Fedora Update for pidgin FEDORA-2010-1279
File : nvt/gb_fedora_2010_1279_pidgin_fc11.nasl
2010-03-02 Name : Fedora Update for pidgin FEDORA-2010-0368
File : nvt/gb_fedora_2010_0368_pidgin_fc12.nasl
2010-02-03 Name : Solaris Update for Instant Messaging 143318-01
File : nvt/gb_solaris_143318_01.nasl
2010-02-03 Name : Solaris Update for GNOME 2.6.0 143317-01
File : nvt/gb_solaris_143317_01.nasl
2010-01-20 Name : Ubuntu Update for pidgin vulnerabilities USN-886-1
File : nvt/gb_ubuntu_USN_886_1.nasl
2010-01-19 Name : RedHat Update for pidgin RHSA-2010:0044-01
File : nvt/gb_RHSA-2010_0044-01_pidgin.nasl
2010-01-19 Name : CentOS Update for finch CESA-2010:0044 centos4 x86_64
File : nvt/gb_CESA-2010_0044_finch_centos4_x86_64.nasl
2010-01-19 Name : CentOS Update for finch CESA-2010:0044 centos4 i386
File : nvt/gb_CESA-2010_0044_finch_centos4_i386.nasl
2010-01-16 Name : Pidgin MSN Custom Smileys File Disclosure Vulnerability (Win)
File : nvt/gb_pidgin_msnslp_dir_trav_vuln_win.nasl
2010-01-16 Name : Pidgin MSN Custom Smileys File Disclosure Vulnerability (Linux)
File : nvt/gb_pidgin_msnslp_dir_trav_vuln_lin.nasl
2010-01-15 Name : Mandriva Update for pidgin MDVSA-2010:001 (pidgin)
File : nvt/gb_mandriva_MDVSA_2010_001.nasl
2010-01-15 Name : Mandriva Update for pidgin MDVSA-2010:002 (pidgin)
File : nvt/gb_mandriva_MDVSA_2010_002.nasl
2009-12-03 Name : SLES11: Security update for pidgin
File : nvt/sles11_cdparanoia.nasl
2009-11-11 Name : Debian Security Advisory DSA 1932-1 (pidgin)
File : nvt/deb_1932_1.nasl
2009-11-11 Name : RedHat Security Advisory RHSA-2009:1536
File : nvt/RHSA_2009_1536.nasl
2009-11-11 Name : CentOS Security Advisory CESA-2009:1535 (pidgin)
File : nvt/ovcesa2009_1535.nasl
2009-11-11 Name : CentOS Security Advisory CESA-2009:1536 (pidgin)
File : nvt/ovcesa2009_1536.nasl
2009-11-11 Name : RedHat Security Advisory RHSA-2009:1535
File : nvt/RHSA_2009_1535.nasl
2009-10-27 Name : Fedora Core 10 FEDORA-2009-10702 (pidgin)
File : nvt/fcore_2009_10702.nasl
2009-10-27 Name : Fedora Core 11 FEDORA-2009-10662 (pidgin)
File : nvt/fcore_2009_10662.nasl
2009-10-23 Name : Pidgin Oscar Protocol Denial of Service Vulnerability (Linux)
File : nvt/gb_pidgin_oscar_dos_vuln_oct09_lin.nasl
2009-10-23 Name : Pidgin Oscar Protocol Denial of Service Vulnerability (Win)
File : nvt/gb_pidgin_oscar_dos_vuln_oct09_win.nasl
0000-00-00 Name : Slackware Advisory SSA:2010-024-03 pidgin
File : nvt/esoft_slk_ssa_2010_024_03.nasl
0000-00-00 Name : Slackware Advisory SSA:2009-290-02 pidgin
File : nvt/esoft_slk_ssa_2009_290_02.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
61421 Adium MSN Custom Smileys Feature Emoticon Request Traversal Arbitrary File Di...

61420 Pidgin MSN Custom Smileys Feature Emoticon Request Traversal Arbitrary File D...

59142 Adium libpurple OSCAR Protocol Plugin Crafted Contact-list Data Remote DoS

59141 Pidgin libpurple OSCAR Protocol Plugin Crafted Contact-list Data Remote DoS

4169 MSN Messenger Arbitrary File Retrieval

Nessus® Vulnerability Scanner

Date Description
2013-12-28 Name : The remote host is missing Sun Security Patch number 143317-03
File : solaris10_143317.nasl - Type : ACT_GATHER_INFO
2013-12-28 Name : The remote host is missing Sun Security Patch number 143318-03
File : solaris10_x86_143318.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2010-0044.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1536.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2009-1535.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091029_pidgin_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100114_pidgin_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-06-22 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201206-11.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_finch-6861.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_finch-6856.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_finch-6710.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_finch-6709.nasl - Type : ACT_GATHER_INFO
2010-11-11 Name : The remote Fedora host is missing a security update.
File : fedora_2010-17130.nasl - Type : ACT_GATHER_INFO
2010-08-02 Name : The remote Fedora host is missing a security update.
File : fedora_2010-11315.nasl - Type : ACT_GATHER_INFO
2010-07-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-002.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-8524.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-0368.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-0429.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-8523.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-1383.nasl - Type : ACT_GATHER_INFO
2010-07-01 Name : The remote Fedora host is missing a security update.
File : fedora_2010-1279.nasl - Type : ACT_GATHER_INFO
2010-04-29 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-085.nasl - Type : ACT_GATHER_INFO
2010-03-04 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_finch-100219.nasl - Type : ACT_GATHER_INFO
2010-03-04 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_finch-100219.nasl - Type : ACT_GATHER_INFO
2010-03-04 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_finch-100219.nasl - Type : ACT_GATHER_INFO
2010-03-03 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_finch-100219.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1932.nasl - Type : ACT_GATHER_INFO
2010-01-25 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2010-024-03.nasl - Type : ACT_GATHER_INFO
2010-01-19 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-886-1.nasl - Type : ACT_GATHER_INFO
2010-01-15 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2010-0044.nasl - Type : ACT_GATHER_INFO
2010-01-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0044.nasl - Type : ACT_GATHER_INFO
2010-01-12 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2010-001.nasl - Type : ACT_GATHER_INFO
2010-01-12 Name : An instant messaging client installed on the remote Windows host is affected ...
File : pidgin_2_6_5.nasl - Type : ACT_GATHER_INFO
2009-12-08 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_finch-091024.nasl - Type : ACT_GATHER_INFO
2009-12-08 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_finch-081203.nasl - Type : ACT_GATHER_INFO
2009-12-08 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_finch-080606.nasl - Type : ACT_GATHER_INFO
2009-12-03 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_finch-090221.nasl - Type : ACT_GATHER_INFO
2009-11-02 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2009-1536.nasl - Type : ACT_GATHER_INFO
2009-10-30 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2009-1535.nasl - Type : ACT_GATHER_INFO
2009-10-30 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1536.nasl - Type : ACT_GATHER_INFO
2009-10-30 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2009-1535.nasl - Type : ACT_GATHER_INFO
2009-10-22 Name : The remote Fedora host is missing a security update.
File : fedora_2009-10702.nasl - Type : ACT_GATHER_INFO
2009-10-22 Name : The remote Fedora host is missing a security update.
File : fedora_2009-10662.nasl - Type : ACT_GATHER_INFO
2009-10-19 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2009-290-02.nasl - Type : ACT_GATHER_INFO
2004-03-09 Name : It is possible to read files on the remote host.
File : smb_nt_ms04-010.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
Date Informations
2017-08-17 09:25:22
  • Multiple Updates
2016-08-26 01:03:54
  • Multiple Updates
2014-02-17 11:41:09
  • Multiple Updates
2013-11-06 21:32:37
  • Multiple Updates
2013-11-06 13:34:26
  • Multiple Updates