Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4669

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2012-4669
Last Modified 27 Aug 2012 12:00:00
Published 25 Aug 2012 12:55:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4669

Summary

M-Link R14.6 before R14.6v14 and R15.1 before R15.1v10 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted.

Vulnerable Systems

Application

  • Isode M-link 14.6

  • Isode M-link 15.1


References

MISC - http://xmpp.org/resources/security-notices/server-dialback/

CONFIRM - http://isode.com/company/wordpress/xmpp-server-dialback/


Last Updated: 27 May 2016 11:00:20