Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-675-2: Gaim vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-675-2: Gaim vulnerability
# 1  
Old 11-24-2008
USN-675-2: Gaim vulnerability
Referenced CVEs:
CVE-2008-2927


Description:
===========================================================Ubuntu Security Notice USN-675-2 November 24, 2008gaim vulnerabilityCVE-2008-2927===========================================================A security issue affects the following Ubuntu releases:Ubuntu 6.06 LTSThis advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 6.06 LTS: gaim 1:1.5.0+1.5.1cvs20051015-1ubuntu10.1After a standard system upgrade you need to restart Gaim to effectthe necessary changes.Details follow:It was discovered that Gaim did not properly handle certain malformedmessages in the MSN protocol handler. A remote attacker could send a speciallycrafted message and possibly execute arbitrary code with user privileges.(CVE-2008-2927)





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT ULTRIX

secsetup

secsetup(8)						      System Manager's Manual						       secsetup(8)

Name
       secsetup - enable the enhanced security features

Syntax
       /usr/etc/sec/secsetup

Description
       The command is an interactive facility that allows you to enable the enhanced security features on your system.	You must first have loaded
       the enhanced security subset onto your system before running the command.

       The command allows you to configure your system either for security auditing, trusted path, enhanced login, or  any  combination  of  those
       features.  In addition, the command may add lines to the file.  To remove entries from the you must edit it by hand.  The command only adds
       lines to this file if they aren't already present.  You can run while the system is in multiuser mode (however,	some  inconsistencies  may
       result  from  this.   See the Security Guide for Administrators for more information).  To run type the following and then answer the ques-
       tions that follow:
       # /usr/etc/sec/secsetup
       Depending on the security features chosen, when completes you may need to replace your system's kernel and reboot the system.  For example,
       chosing either the security auditing or trusted path feature may require you to re-build your kernel.

Files
See Also
       set_audit_mask(8), auth(5), svc.conf(5)
       Security Guide for Administrators

																       secsetup(8)