Pidgin NSS plugin SSL Certificate Validation Security Bypass Vulnerability
BID:30553
Info
Pidgin NSS plugin SSL Certificate Validation Security Bypass Vulnerability
| Bugtraq ID: | 30553 |
| Class: | Design Error |
| CVE: |
CVE-2008-3532 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 05 2008 12:00AM |
| Updated: | Dec 08 2009 11:34PM |
| Credit: | Josh Triplett |
| Vulnerable: |
Ubuntu Ubuntu Linux 8.04 LTS sparc Ubuntu Ubuntu Linux 8.04 LTS powerpc Ubuntu Ubuntu Linux 8.04 LTS lpia Ubuntu Ubuntu Linux 8.04 LTS amd64 Ubuntu Ubuntu Linux 7.10 sparc Ubuntu Ubuntu Linux 7.10 powerpc Ubuntu Ubuntu Linux 7.10 lpia Ubuntu Ubuntu Linux 7.10 i386 Ubuntu Ubuntu Linux 7.10 amd64 SuSE Linux 5.0 Redhat Enterprise Linux WS 4 Redhat Enterprise Linux Optional Productivity Application 5 server Redhat Enterprise Linux ES 4 Redhat Enterprise Linux Desktop Workstation 5 client Redhat Enterprise Linux Desktop 5 client Redhat Enterprise Linux AS 4 Redhat Enterprise Linux Desktop version 4 Pidgin Pidgin 2.4.3 Pardus Linux 2008 0 Pardus Linux 2007 0 Mandriva Linux Mandrake 2008.1 x86_64 Mandriva Linux Mandrake 2008.1 Mandriva Linux Mandrake 2008.0 x86_64 Mandriva Linux Mandrake 2008.0 Gentoo Linux |
| Not Vulnerable: | |
Discussion
Pidgin NSS plugin SSL Certificate Validation Security Bypass Vulnerability
Pidgin is prone to a security-bypass vulnerability because the application fails to properly validate SSL certificates from a server.
Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers. This will aid in further attacks.
Pidgin 2.4.3 is vulnerable; other versions may also be affected.
Pidgin is prone to a security-bypass vulnerability because the application fails to properly validate SSL certificates from a server.
Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers. This will aid in further attacks.
Pidgin 2.4.3 is vulnerable; other versions may also be affected.
Exploit / POC
Pidgin NSS plugin SSL Certificate Validation Security Bypass Vulnerability
An attacker can use readily available network utilities to exploit this issue.
An attacker can use readily available network utilities to exploit this issue.
Solution / Fix
Pidgin NSS plugin SSL Certificate Validation Security Bypass Vulnerability
Solution:
Updates are available. Please see the references for more information.
Ubuntu Ubuntu Linux 7.10 i386
Mandriva Linux Mandrake 2008.1 x86_64
Ubuntu Ubuntu Linux 7.10 powerpc
Mandriva Linux Mandrake 2008.1
Ubuntu Ubuntu Linux 8.04 LTS powerpc
Ubuntu Ubuntu Linux 8.04 LTS sparc
Ubuntu Ubuntu Linux 7.10 amd64
Mandriva Linux Mandrake 2008.0 x86_64
Ubuntu Ubuntu Linux 8.04 LTS amd64
Mandriva Linux Mandrake 2008.0
Ubuntu Ubuntu Linux 7.10 sparc
Ubuntu Ubuntu Linux 8.04 LTS lpia
Ubuntu Ubuntu Linux 7.10 lpia
Pidgin Pidgin 2.4.3
Solution:
Updates are available. Please see the references for more information.
Ubuntu Ubuntu Linux 7.10 i386
-
Ubuntu finch-dev_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch-dev_2.2.1-1 ubuntu4.3_all.deb -
Ubuntu finch_2.2.1-1ubuntu4.3_i386.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch_2.2.1-1ubun tu4.3_i386.deb -
Ubuntu gaim_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/universe/p/pidgin/gaim_2.2.1-1u buntu4.3_all.deb -
Ubuntu libpurple-bin_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-bin_2.2 .1-1ubuntu4.3_all.deb -
Ubuntu libpurple-dev_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-dev_2.2 .1-1ubuntu4.3_all.deb -
Ubuntu libpurple0_2.2.1-1ubuntu4.3_i386.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple0_2.2.1- 1ubuntu4.3_i386.deb -
Ubuntu pidgin-data_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-data_2.2.1 -1ubuntu4.3_all.deb -
Ubuntu pidgin-dbg_2.2.1-1ubuntu4.3_i386.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dbg_2.2.1- 1ubuntu4.3_i386.deb -
Ubuntu pidgin-dev_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dev_2.2.1- 1ubuntu4.3_all.deb -
Ubuntu pidgin_2.2.1-1ubuntu4.3_i386.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.2.1-1ubu ntu4.3_i386.deb
Mandriva Linux Mandrake 2008.1 x86_64
-
Mandriva finch-2.4.1-2.3mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva lib64finch0-2.4.1-2.3mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva lib64purple-devel-2.4.1-2.3mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva lib64purple0-2.4.1-2.3mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-2.4.1-2.3mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-bonjour-2.4.1-2.3mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-client-2.4.1-2.3mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-gevolution-2.4.1-2.3mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-i18n-2.4.1-2.3mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-meanwhile-2.4.1-2.3mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-mono-2.4.1-2.3mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-perl-2.4.1-2.3mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-silc-2.4.1-2.3mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-tcl-2.4.1-2.3mdv2008.1.x86_64.rpm
http://www.mandriva.com/en/download/
Ubuntu Ubuntu Linux 7.10 powerpc
-
Ubuntu finch-dev_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch-dev_2.2.1-1 ubuntu4.3_all.deb -
Ubuntu finch_2.2.1-1ubuntu4.3_powerpc.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch_2.2.1-1ubun tu4.3_powerpc.deb -
Ubuntu gaim_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/universe/p/pidgin/gaim_2.2.1-1u buntu4.3_all.deb -
Ubuntu libpurple-bin_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-bin_2.2 .1-1ubuntu4.3_all.deb -
Ubuntu libpurple-dev_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-dev_2.2 .1-1ubuntu4.3_all.deb -
Ubuntu libpurple0_2.2.1-1ubuntu4.3_powerpc.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple0_2.2.1- 1ubuntu4.3_powerpc.deb -
Ubuntu pidgin-data_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-data_2.2.1 -1ubuntu4.3_all.deb -
Ubuntu pidgin-dbg_2.2.1-1ubuntu4.3_powerpc.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dbg_2.2.1- 1ubuntu4.3_powerpc.deb -
Ubuntu pidgin-dev_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dev_2.2.1- 1ubuntu4.3_all.deb -
Ubuntu pidgin_2.2.1-1ubuntu4.3_powerpc.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.2.1-1ubu ntu4.3_powerpc.deb
Mandriva Linux Mandrake 2008.1
-
Mandriva finch-2.4.1-2.3mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva libfinch0-2.4.1-2.3mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva libpurple-devel-2.4.1-2.3mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva libpurple0-2.4.1-2.3mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-2.4.1-2.3mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-bonjour-2.4.1-2.3mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-client-2.4.1-2.3mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-gevolution-2.4.1-2.3mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-i18n-2.4.1-2.3mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-meanwhile-2.4.1-2.3mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-mono-2.4.1-2.3mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-perl-2.4.1-2.3mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-silc-2.4.1-2.3mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-tcl-2.4.1-2.3mdv2008.1.i586.rpm
http://www.mandriva.com/en/download/
Ubuntu Ubuntu Linux 8.04 LTS powerpc
-
Ubuntu finch-dev_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch-dev_2.4.1-1 ubuntu2.2_all.deb -
Ubuntu finch_2.4.1-1ubuntu2.2_powerpc.deb
http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.4.1-1ubuntu2.2_powe rpc.deb -
Ubuntu gaim_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/universe/p/pidgin/gaim_2.4.1-1u buntu2.2_all.deb -
Ubuntu libpurple-bin_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-bin_2.4 .1-1ubuntu2.2_all.deb -
Ubuntu libpurple-dev_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-dev_2.4 .1-1ubuntu2.2_all.deb -
Ubuntu libpurple0_2.4.1-1ubuntu2.2_powerpc.deb
http://ports.ubuntu.com/pool/main/p/pidgin/libpurple0_2.4.1-1ubuntu2.2 _powerpc.deb -
Ubuntu pidgin-data_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-data_2.4.1 -1ubuntu2.2_all.deb -
Ubuntu pidgin-dbg_2.4.1-1ubuntu2.2_powerpc.deb
http://ports.ubuntu.com/pool/main/p/pidgin/pidgin-dbg_2.4.1-1ubuntu2.2 _powerpc.deb -
Ubuntu pidgin-dev_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dev_2.4.1- 1ubuntu2.2_all.deb -
Ubuntu pidgin_2.4.1-1ubuntu2.2_powerpc.deb
http://ports.ubuntu.com/pool/main/p/pidgin/pidgin_2.4.1-1ubuntu2.2_pow erpc.deb
Ubuntu Ubuntu Linux 8.04 LTS sparc
-
Ubuntu finch-dev_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch-dev_2.4.1-1 ubuntu2.2_all.deb -
Ubuntu finch_2.4.1-1ubuntu2.2_sparc.deb
http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.4.1-1ubuntu2.2_spar c.deb -
Ubuntu gaim_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/universe/p/pidgin/gaim_2.4.1-1u buntu2.2_all.deb -
Ubuntu libpurple-bin_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-bin_2.4 .1-1ubuntu2.2_all.deb -
Ubuntu libpurple-dev_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-dev_2.4 .1-1ubuntu2.2_all.deb -
Ubuntu libpurple0_2.4.1-1ubuntu2.2_sparc.deb
http://ports.ubuntu.com/pool/main/p/pidgin/libpurple0_2.4.1-1ubuntu2.2 _sparc.deb -
Ubuntu pidgin-data_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-data_2.4.1 -1ubuntu2.2_all.deb -
Ubuntu pidgin-dbg_2.4.1-1ubuntu2.2_sparc.deb
http://ports.ubuntu.com/pool/main/p/pidgin/pidgin-dbg_2.4.1-1ubuntu2.2 _sparc.deb -
Ubuntu pidgin-dev_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dev_2.4.1- 1ubuntu2.2_all.deb -
Ubuntu pidgin_2.4.1-1ubuntu2.2_sparc.deb
http://ports.ubuntu.com/pool/main/p/pidgin/pidgin_2.4.1-1ubuntu2.2_spa rc.deb
Ubuntu Ubuntu Linux 7.10 amd64
-
Ubuntu finch-dev_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch-dev_2.2.1-1 ubuntu4.3_all.deb -
Ubuntu finch_2.2.1-1ubuntu4.3_amd64.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch_2.2.1-1ubun tu4.3_amd64.deb -
Ubuntu gaim_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/universe/p/pidgin/gaim_2.2.1-1u buntu4.3_all.deb -
Ubuntu libpurple-bin_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-bin_2.2 .1-1ubuntu4.3_all.deb -
Ubuntu libpurple-dev_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-dev_2.2 .1-1ubuntu4.3_all.deb -
Ubuntu libpurple0_2.2.1-1ubuntu4.3_amd64.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple0_2.2.1- 1ubuntu4.3_amd64.deb -
Ubuntu pidgin-data_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-data_2.2.1 -1ubuntu4.3_all.deb -
Ubuntu pidgin-dbg_2.2.1-1ubuntu4.3_amd64.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dbg_2.2.1- 1ubuntu4.3_amd64.deb -
Ubuntu pidgin-dev_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dev_2.2.1- 1ubuntu4.3_all.deb -
Ubuntu pidgin_2.2.1-1ubuntu4.3_amd64.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.2.1-1ubu ntu4.3_amd64.deb
Mandriva Linux Mandrake 2008.0 x86_64
-
Mandriva finch-2.6.2-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva lib64finch0-2.6.2-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva lib64purple-devel-2.6.2-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva lib64purple0-2.6.2-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-2.6.2-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-bonjour-2.6.2-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-client-2.6.2-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-gevolution-2.6.2-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-i18n-2.6.2-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-meanwhile-2.6.2-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-mono-2.6.2-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-perl-2.6.2-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-plugins-2.6.2-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-silc-2.6.2-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-tcl-2.6.2-0.1mdv2008.0.x86_64.rpm
http://www.mandriva.com/en/download/
Ubuntu Ubuntu Linux 8.04 LTS amd64
-
Ubuntu finch-dev_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch-dev_2.4.1-1 ubuntu2.2_all.deb -
Ubuntu finch_2.4.1-1ubuntu2.2_amd64.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch_2.4.1-1ubun tu2.2_amd64.deb -
Ubuntu gaim_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/universe/p/pidgin/gaim_2.4.1-1u buntu2.2_all.deb -
Ubuntu libpurple-bin_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-bin_2.4 .1-1ubuntu2.2_all.deb -
Ubuntu libpurple-dev_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-dev_2.4 .1-1ubuntu2.2_all.deb -
Ubuntu libpurple0_2.4.1-1ubuntu2.2_amd64.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple0_2.4.1- 1ubuntu2.2_amd64.deb -
Ubuntu pidgin-data_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-data_2.4.1 -1ubuntu2.2_all.deb -
Ubuntu pidgin-dbg_2.4.1-1ubuntu2.2_amd64.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dbg_2.4.1- 1ubuntu2.2_amd64.deb -
Ubuntu pidgin-dev_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dev_2.4.1- 1ubuntu2.2_all.deb -
Ubuntu pidgin_2.4.1-1ubuntu2.2_amd64.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.4.1-1ubu ntu2.2_amd64.deb
Mandriva Linux Mandrake 2008.0
-
Mandriva finch-2.6.2-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva libfinch0-2.6.2-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva libpurple-devel-2.6.2-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva libpurple0-2.6.2-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-2.6.2-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-bonjour-2.6.2-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-client-2.6.2-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-gevolution-2.6.2-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-i18n-2.6.2-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-meanwhile-2.6.2-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-mono-2.6.2-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-perl-2.6.2-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-plugins-2.6.2-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-silc-2.6.2-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/ -
Mandriva pidgin-tcl-2.6.2-0.1mdv2008.0.i586.rpm
http://www.mandriva.com/en/download/
Ubuntu Ubuntu Linux 7.10 sparc
-
Ubuntu finch-dev_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch-dev_2.2.1-1 ubuntu4.3_all.deb -
Ubuntu finch_2.2.1-1ubuntu4.3_sparc.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch_2.2.1-1ubun tu4.3_sparc.deb -
Ubuntu gaim_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/universe/p/pidgin/gaim_2.2.1-1u buntu4.3_all.deb -
Ubuntu libpurple-bin_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-bin_2.2 .1-1ubuntu4.3_all.deb -
Ubuntu libpurple-dev_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-dev_2.2 .1-1ubuntu4.3_all.deb -
Ubuntu libpurple0_2.2.1-1ubuntu4.3_sparc.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple0_2.2.1- 1ubuntu4.3_sparc.deb -
Ubuntu pidgin-data_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-data_2.2.1 -1ubuntu4.3_all.deb -
Ubuntu pidgin-dbg_2.2.1-1ubuntu4.3_sparc.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dbg_2.2.1- 1ubuntu4.3_sparc.deb -
Ubuntu pidgin-dev_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dev_2.2.1- 1ubuntu4.3_all.deb -
Ubuntu pidgin_2.2.1-1ubuntu4.3_sparc.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin_2.2.1-1ubu ntu4.3_sparc.deb
Ubuntu Ubuntu Linux 8.04 LTS lpia
-
Ubuntu finch-dev_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch-dev_2.4.1-1 ubuntu2.2_all.deb -
Ubuntu finch_2.4.1-1ubuntu2.2_lpia.deb
http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.4.1-1ubuntu2.2_lpia .deb -
Ubuntu gaim_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/universe/p/pidgin/gaim_2.4.1-1u buntu2.2_all.deb -
Ubuntu libpurple-bin_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-bin_2.4 .1-1ubuntu2.2_all.deb -
Ubuntu libpurple-dev_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-dev_2.4 .1-1ubuntu2.2_all.deb -
Ubuntu libpurple0_2.4.1-1ubuntu2.2_lpia.deb
http://ports.ubuntu.com/pool/main/p/pidgin/libpurple0_2.4.1-1ubuntu2.2 _lpia.deb -
Ubuntu pidgin-data_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-data_2.4.1 -1ubuntu2.2_all.deb -
Ubuntu pidgin-dbg_2.4.1-1ubuntu2.2_lpia.deb
http://ports.ubuntu.com/pool/main/p/pidgin/pidgin-dbg_2.4.1-1ubuntu2.2 _lpia.deb -
Ubuntu pidgin-dev_2.4.1-1ubuntu2.2_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dev_2.4.1- 1ubuntu2.2_all.deb -
Ubuntu pidgin_2.4.1-1ubuntu2.2_lpia.deb
http://ports.ubuntu.com/pool/main/p/pidgin/pidgin_2.4.1-1ubuntu2.2_lpi a.deb
Ubuntu Ubuntu Linux 7.10 lpia
-
Ubuntu finch-dev_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/finch-dev_2.2.1-1 ubuntu4.3_all.deb -
Ubuntu finch_2.2.1-1ubuntu4.3_lpia.deb
http://ports.ubuntu.com/pool/main/p/pidgin/finch_2.2.1-1ubuntu4.3_lpia .deb -
Ubuntu gaim_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/universe/p/pidgin/gaim_2.2.1-1u buntu4.3_all.deb -
Ubuntu libpurple-bin_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-bin_2.2 .1-1ubuntu4.3_all.deb -
Ubuntu libpurple-dev_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/libpurple-dev_2.2 .1-1ubuntu4.3_all.deb -
Ubuntu libpurple0_2.2.1-1ubuntu4.3_lpia.deb
http://ports.ubuntu.com/pool/main/p/pidgin/libpurple0_2.2.1-1ubuntu4.3 _lpia.deb -
Ubuntu pidgin-data_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-data_2.2.1 -1ubuntu4.3_all.deb -
Ubuntu pidgin-dbg_2.2.1-1ubuntu4.3_lpia.deb
http://ports.ubuntu.com/pool/main/p/pidgin/pidgin-dbg_2.2.1-1ubuntu4.3 _lpia.deb -
Ubuntu pidgin-dev_2.2.1-1ubuntu4.3_all.deb
http://security.ubuntu.com/ubuntu/pool/main/p/pidgin/pidgin-dev_2.2.1- 1ubuntu4.3_all.deb -
Ubuntu pidgin_2.2.1-1ubuntu4.3_lpia.deb
http://ports.ubuntu.com/pool/main/p/pidgin/pidgin_2.2.1-1ubuntu4.3_lpi a.deb
Pidgin Pidgin 2.4.3
-
Pidgin nss-cert-verify.patch
http://developer.pidgin.im/attachment/ticket/6500/nss-cert-verify.patc h
References
Pidgin NSS plugin SSL Certificate Validation Security Bypass Vulnerability
References:
References:
- Connects to Jabber server with bad SSL certificates without warning (Josh Triplett)
- NSS plugin doesn't verify SSL certificates (Pidgin)
- Pidgin Homepage (Pidgin)