Описание
Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to "overwrite" and "hijack" existing accounts via unknown vectors related to "inconsistent handling of the USTATUS_IDENTIFIED state." NOTE: this issue exists because of an incomplete fix for CVE-2008-3920.
Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to "overwrite" and "hijack" existing accounts via unknown vectors related to "inconsistent handling of the USTATUS_IDENTIFIED state." NOTE: this issue exists because of an incomplete fix for CVE-2008-3920.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-3969
- https://bugzilla.redhat.com/show_bug.cgi?id=461424
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45132
- https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00587.html
- http://secunia.com/advisories/31690
- http://secunia.com/advisories/31991
- http://security.gentoo.org/glsa/glsa-200809-14.xml
- http://www.bitlbee.org/main.php/changelog.html
- http://www.bitlbee.org/main.php/news.r.html
- http://www.openwall.com/lists/oss-security/2008/09/08/1
- http://www.openwall.com/lists/oss-security/2008/09/09/11
- http://www.securityfocus.com/bid/31342
EPSS
CVE ID
Связанные уязвимости
Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to "overwrite" and "hijack" existing accounts via unknown vectors related to "inconsistent handling of the USTATUS_IDENTIFIED state." NOTE: this issue exists because of an incomplete fix for CVE-2008-3920.
Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to "overwrite" and "hijack" existing accounts via unknown vectors related to "inconsistent handling of the USTATUS_IDENTIFIED state." NOTE: this issue exists because of an incomplete fix for CVE-2008-3920.
Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow rem ...
EPSS