FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim

The remote host is missing an update to the system as announced in the referenced advisory.

The following packages are affected: gaim ja-gaim ko-gaim ru-gaim kdenetwork pl-ekg centericq pl-gnugadu CVE-2005-1850 Certain contributed scripts for ekg Gadu Gadu client 1.5 and earlier create temporary files insecurely, with unknown impact and attack vectors, a different vulnerability than CVE-2005-1916. CVE-2005-1851 A certain contributed script for ekg Gadu Gadu client 1.5 and earlier allows attackers to execute shell commands via unknown attack vectors. CVE-2005-1852 Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message. CVE-2005-2369 Multiple integer signedness errors in libgadu, as used in ekg before 1.6rc2 and other packages, may allow remote attackers to cause a denial of service or execute arbitrary code. CVE-2005-2370 Multiple 'memory alignment errors' in libgadu, as used in ekg before 1.6rc2 and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message. CVE-2005-2448 Multiple 'endianness errors' in libgadu in ekg before 1.6rc2 allow remote attackers to cause a denial of service (invalid behaviour in applications) on big-endian systems.

Update your system with the appropriate patches or software upgrades. http://gaim.sourceforge.net/security/?id=20 http://www.kde.org/info/security/advisory-20050721-1.txt http://marc.theaimsgroup.com/?l=bugtraq&m=112198499417250 http://www.vuxml.org/freebsd/3b4a6982-0b24-11da-bc08-0001020eed82.html