CVE-2012-3525

Published Aug 25, 2012
Last updated 2 years ago
CVSS info 5.8
Overview

Description: s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (2) Authorization Response.
Source: secalert@redhat.com
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 5.8
Impact score: 4.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-20
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:jabber2:jabberd2:2.1.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24C9A9BA-FC37-4FED-B03B-02FD87DF4B51"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9AA058DB-6786-489E-B560-1AE154607AAC",
            "versionEndIncluding": "2.2.16"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38A57C87-1E18-4DEC-864F-BFECA74FB8D1"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B3405FB-CEBD-4E9B-809C-CC436DB491CB"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7C16361-0A6A-46F1-9154-0EBAEF9424DA"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB738B5C-F549-4171-93F8-821F06D09B6B"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "136B0689-05C4-47AF-BCFC-5BAAD62DD2A5"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA729702-72F3-4BB4-8647-8938DDCA65B0"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E32A9A5F-7669-4EC1-804E-8FDAD5FD3FAA"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "713D733B-C056-4A87-A0F3-669BD2B97EA2"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B695154-C52C-4A26-AB56-B9D301268BB9"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33D8A7D9-1565-4CA2-832B-3B5A800E7185"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64DA6F74-7F66-4C47-A05A-1F1143FEBF24"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A7B360C-9222-4862-A1A3-D939D8E5B906"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BCC4B150-E318-430D-AB53-7FC4235534E2"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E0A1409-AA29-4393-AF76-38D2F6621BDC"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B389FE79-E88D-4BD3-A3DB-5015FF9E78C1"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12B9B5DE-912B-4D76-A428-2A614918C1B9"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ACCAEDE2-B0C2-48CB-B0C3-594A6569B904"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1B73387-35EC-440C-8B93-879BD66E39F8"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47426695-4686-4736-B27E-6800ACB43CF9"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F846FB8-DCDA-4A24-9DD7-2F9C9AC3833F"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C9B9D48-5848-4313-9EDF-FDE562875EDB"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB5C31E5-2441-4C53-9E10-3AB33FCF11A5"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "703383CD-DF8D-4DA1-B322-8DE9E847A8CA"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8A9F0E1-0A41-4C98-8467-0578D98AD0BA"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "769A2F0A-816C-458A-B579-CE8BB8FF5A12"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0BD3313-4CF5-44EE-91EC-D6F0C23D0342"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D3E1C3C-FB3B-4941-A879-0F351959EB8B"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98EE2C3A-67C4-45D5-80EE-3819F5AB1133"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB4C94F7-4093-46B5-9B2E-9F3B2BD462DB"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D9B7918-C678-4CE8-97B1-52AF3E17A356"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10D9719B-B6AE-4AA1-9767-FD85DE12782B"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C64CA72-E6D6-4981-AA23-447EA7FAFD7C"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57CE98F9-FA6B-49D0-8410-BCD188E2F64C"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64A5D6D9-D045-4A0A-BBAB-21F2C228BC2D"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "595AFA35-92B5-4957-A2AA-DF9E09990438"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45836D34-A47C-49F6-9A1A-3F8160611058"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89ED36F8-4D8C-406E-BE8A-F8C374227F8A"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28D0CB97-3F6A-4CD6-A9A4-2F6743E13F35"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9923E4E2-ADB1-4729-97AE-C4EA19D5E6C2"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69E01C9E-5B90-4044-B002-87A741CA6AA0"
          },
          {
            "criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9042F295-2C75-4260-9A3F-A7A225B36EB1"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
