Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4671

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2012-4671
Last Modified 27 Aug 2012 12:00:00
Published 25 Aug 2012 12:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4671

Summary

psyced before 20120821 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted.

Vulnerable Systems

Application

  • Psyced 20081120

  • Psyced 20090323

  • Psyced 20090617

  • Psyced 20111122


References

MISC - http://xmpp.org/resources/security-notices/server-dialback/

CONFIRM - http://www.psyced.org/files/psyced-20120821.tar.bz2


Last Updated: 27 May 2016 11:00:20