MidnightBSD

Advisories for jabber2

CVE-2012-3525 MEDIUM

s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (2) Authorization Response.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
jabberd2 jabberd2 2.1.20
jabberd2 jabberd2 2.1.22
jabberd2 jabberd2 2.1.2
jabberd2 jabberd2 2.2.2
jabberd2 jabberd2 2.1.10
jabberd2 jabberd2 2.2.13
jabberd2 jabberd2 2.1.18
jabberd2 jabberd2 2.2.3
jabberd2 jabberd2 2.2.4
jabberd2 jabberd2 2.1.21
jabberd2 jabberd2 2.1.4
jabberd2 jabberd2 2.2.5
jabberd2 jabberd2 2.1.1
jabberd2 jabberd2 2.1.7
jabberd2 jabberd2 2.1.14
jabberd2 jabberd2 2.1.15
jabberd2 jabberd2 2.1.17
jabberd2 jabberd2 2.2.7.1
jabberd2 jabberd2 2.1.3
jabberd2 jabberd2 2.1.23
jabberd2 jabberd2 *
jabberd2 jabberd2 2.1.11
jabberd2 jabberd2 2.1.16
jabberd2 jabberd2 2.2.7
jabberd2 jabberd2 2.1.12
jabberd2 jabberd2 2.2.1
jabberd2 jabberd2 2.1.8
jabberd2 jabberd2 2.2.6
jabberd2 jabberd2 2.2.0
jabberd2 jabberd2 2.1.24
jabberd2 jabberd2 2.2.15
jabberd2 jabberd2 2.2.12
jabberd2 jabberd2 2.1.5
jabberd2 jabberd2 2.2.11
jabberd2 jabberd2 2.1
jabberd2 jabberd2 2.1.6
jabberd2 jabberd2 2.1.9
jabberd2 jabberd2 2.2.9
jabberd2 jabberd2 2.2.10
jabberd2 jabberd2 2.1.13
jabberd2 jabberd2 2.2.8
jabberd2 jabberd2 2.2.14
jabber2 jabberd2 2.1.19