CVE-2012-3525
Published Aug 25, 2012
Last updated 2 years ago
Overview
- Description
- s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (2) Authorization Response.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5.8
- Impact score
- 4.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-20
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jabber2:jabberd2:2.1.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "24C9A9BA-FC37-4FED-B03B-02FD87DF4B51"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9AA058DB-6786-489E-B560-1AE154607AAC",
"versionEndIncluding": "2.2.16"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "38A57C87-1E18-4DEC-864F-BFECA74FB8D1"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B3405FB-CEBD-4E9B-809C-CC436DB491CB"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7C16361-0A6A-46F1-9154-0EBAEF9424DA"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB738B5C-F549-4171-93F8-821F06D09B6B"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "136B0689-05C4-47AF-BCFC-5BAAD62DD2A5"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA729702-72F3-4BB4-8647-8938DDCA65B0"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E32A9A5F-7669-4EC1-804E-8FDAD5FD3FAA"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "713D733B-C056-4A87-A0F3-669BD2B97EA2"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5B695154-C52C-4A26-AB56-B9D301268BB9"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33D8A7D9-1565-4CA2-832B-3B5A800E7185"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64DA6F74-7F66-4C47-A05A-1F1143FEBF24"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A7B360C-9222-4862-A1A3-D939D8E5B906"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BCC4B150-E318-430D-AB53-7FC4235534E2"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2E0A1409-AA29-4393-AF76-38D2F6621BDC"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B389FE79-E88D-4BD3-A3DB-5015FF9E78C1"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "12B9B5DE-912B-4D76-A428-2A614918C1B9"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ACCAEDE2-B0C2-48CB-B0C3-594A6569B904"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1B73387-35EC-440C-8B93-879BD66E39F8"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "47426695-4686-4736-B27E-6800ACB43CF9"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6F846FB8-DCDA-4A24-9DD7-2F9C9AC3833F"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C9B9D48-5848-4313-9EDF-FDE562875EDB"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB5C31E5-2441-4C53-9E10-3AB33FCF11A5"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.23:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "703383CD-DF8D-4DA1-B322-8DE9E847A8CA"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.1.24:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8A9F0E1-0A41-4C98-8467-0578D98AD0BA"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "769A2F0A-816C-458A-B579-CE8BB8FF5A12"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C0BD3313-4CF5-44EE-91EC-D6F0C23D0342"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D3E1C3C-FB3B-4941-A879-0F351959EB8B"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "98EE2C3A-67C4-45D5-80EE-3819F5AB1133"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB4C94F7-4093-46B5-9B2E-9F3B2BD462DB"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D9B7918-C678-4CE8-97B1-52AF3E17A356"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10D9719B-B6AE-4AA1-9767-FD85DE12782B"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C64CA72-E6D6-4981-AA23-447EA7FAFD7C"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57CE98F9-FA6B-49D0-8410-BCD188E2F64C"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64A5D6D9-D045-4A0A-BBAB-21F2C228BC2D"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "595AFA35-92B5-4957-A2AA-DF9E09990438"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "45836D34-A47C-49F6-9A1A-3F8160611058"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "89ED36F8-4D8C-406E-BE8A-F8C374227F8A"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "28D0CB97-3F6A-4CD6-A9A4-2F6743E13F35"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9923E4E2-ADB1-4729-97AE-C4EA19D5E6C2"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "69E01C9E-5B90-4044-B002-87A741CA6AA0"
},
{
"criteria": "cpe:2.3:a:jabberd2:jabberd2:2.2.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9042F295-2C75-4260-9A3F-A7A225B36EB1"
}
],
"operator": "OR"
}
]
}
]