Описание
s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (2) Authorization Response.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.2.8-2.2ubuntu1 |
| hardy | released | 2.0s11-1ubuntu4.2 |
| lucid | released | 2.2.8-2ubuntu4.0.10.04.2 |
| natty | ignored | end of life |
| oneiric | released | 2.2.8-2ubuntu6.1 |
| precise | released | 2.2.8-2.2ubuntu0.12.04.1 |
| quantal | released | 2.2.8-2.2ubuntu1 |
| upstream | needs-triage |
Показывать по
EPSS
5.8 Medium
CVSS2
Связанные уязвимости
s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (2) Authorization Response.
s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (2) Authorization Response.
s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a reques ...
s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (2) Authorization Response.
EPSS
5.8 Medium
CVSS2