CVE-2005-2370
https://notcve.org/view.php?id=CVE-2005-2370
Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message. Múltiples "errores de alineamiento de memoria" en libgadu, usado en ekg anterior a la 1.5rc2, Gaim anteriores a 1.5.0 y otros paquetes permite que atacantes remotos causen una denegación de servicio (error de bus) en ciertas arquitecturas, tales como SPACRC, mediante un mensaje de entrada. • http://gaim.sourceforge.net/security/index.php?id=20 http://marc.info/?l=bugtraq&m=112198499417250&w=2 http://secunia.com/advisories/16265 http://www.debian.org/security/2005/dsa-813 http://www.debian.org/security/2007/dsa-1318 http://www.redhat.com/support/errata/RHSA-2005-627.html http://www.securityfocus.com/archive/1/426078/100/0/threaded http://www.securityfocus.com/bid/24600 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1 • CWE-399: Resource Management Errors •
CVE-2005-1852
https://notcve.org/view.php?id=CVE-2005-1852
Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message. Múltiples desbordamientos de búfer en libgadu, usado en Kopete en KDE 3.2.3 hasta la 3.4.1, ekg anteriores a 1.6rc3, GNU Gadu, CenterICQ, Kadu, y otros paquetes, permite que atacantes remotos causen una denegación de servicio (caída) y posiblemente ejecuten código arbitrario mediante un mensaje de entrada. • http://lwn.net/Articles/144724 http://marc.info/?l=bugtraq&m=112198499417250&w=2 http://secunia.com/advisories/16140 http://secunia.com/advisories/16155 http://secunia.com/advisories/16211 http://secunia.com/advisories/16242 http://security.gentoo.org/glsa/glsa-200507-23.xml http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml http://www.kde.org/info/security/advisory-20050721-1.txt http://www.novell.com/linux/security/advisories/2005_19_sr.html http:/ • CWE-189: Numeric Errors •
CVE-2005-1850
https://notcve.org/view.php?id=CVE-2005-1850
Certain contributed scripts for ekg Gadu Gadu client 1.5 and earlier create temporary files insecurely, with unknown impact and attack vectors, a different vulnerability than CVE-2005-1916. • http://marc.info/?l=bugtraq&m=112198499417250&w=2 http://www.debian.org/security/2005/dsa-760 •
CVE-2005-1851
https://notcve.org/view.php?id=CVE-2005-1851
A certain contributed script for ekg Gadu Gadu client 1.5 and earlier allows attackers to execute shell commands via unknown attack vectors. Ciertos scripts en el cliente ekg Gadu 1.5 y anteriores permiten ejecutar comandos shell mediante maneras de ataque desconocidas. • http://marc.info/?l=bugtraq&m=112198499417250&w=2 http://www.debian.org/security/2005/dsa-760 •
CVE-2005-1916
https://notcve.org/view.php?id=CVE-2005-1916
linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files. • http://marc.info/?l=bugtraq&m=112060146011122&w=2 http://marc.info/?l=bugtraq&m=112198499417250&w=2 http://www.debian.org/security/2005/dsa-760 http://www.zataz.net/adviso/ekg-06062005.txt • CWE-59: Improper Link Resolution Before File Access ('Link Following') •