CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
August 22nd, 2009

Potentially Serious Security Flaws Discovered In Pidgin, Finch, Adium, Meebo, And Gaim

Users of Pidgin and other alternative IM clients need to update their software following the discovery of potentially serious security flaws.

Pidgin, Finch, Adium, Meebo, and Gaim are all vulnerable to a flaw that stems from a bug in Libpurple, library software for multi-protocol support that’s used by many IM clients. The vulnerability stems from bugs in the software function that handles instant messages from the MSN network. The flaw was discovered by CORE Security.

The flaw is particularly serious because all it takes to take advantage of the vulnerability is a message from a regular MSN user, not necessarily on a targeted user’s buddy list, the SANS Institute Internet Storm Centre warns.

Users are advised to update to an IM client that uses non-vulnerable versions of Libpurple (version 2.5.9 or above). For Pidgin, the most common of the alternative IM packages affected, that means updating to version 2.5.9 as explained at http://www.pidgin.im/news/security/?id=34.

The issue provides further evidence that users of alternative client software may remove themselves from the main line of attacks but not from the need to patch their systems.

Credit: The Register

Share this item with others:

More on CyberInsecure:
  • Security Research Shows 75 Percent Of US Bank Websites Have Flaws
  • Five Vulnerabilities Patched In Firefox 3.0.2 and 2.0.0.17, Two Of Them Are Critical
  • Four Cross-scripting Vulnerabilities Found on Facebook Pose Serious Privacy Risk
  • Basic Flaws Allow Phishing And Spamming Vulnerabilities In iPhone
  • Severe VoIP Vulnerabilities In Microsoft Communicator

    • Posted in Software, Vulnerabilities | Print This Post Print This Post

    This entry was posted on Saturday, August 22nd, 2009 at 8:24 am and is filed under Software, Vulnerabilities. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Potentially Serious Security Flaws Discovered In Pidgin, Finch, Adium, Meebo, And Gaim

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »