Lucene search
RedHatRHSA-2012:1538HistoryDec 04, 2012 - 12:00 a.m.
(RHSA-2012:1538) Low: Red Hat Network Satellite server jabberd security update
2012-12-0400:00:00
access.redhat.com
11
0.005 Low
EPSS
Percentile
77.1%
This package provides jabberd 2, an Extensible Messaging and Presence
Protocol (XMPP) server used for XML based communication.
It was discovered that the XMPP Dialback protocol implementation in
jabberd 2 did not properly validate Verify Response and Authorization
Response messages. A remote attacker able to connect to the jabberd’s
server-to-server communication port could possibly use this flaw to spoof
source domains of the XMPP messages. (CVE-2012-3525)
Users of Red Hat Network Satellite 5.5 are advised to upgrade to this
updated jabberd package, which resolves this issue. For this update to take
effect, Red Hat Network Satellite must be restarted. Refer to the Solution
section for details.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 6 | x86_64 | jabberd | < 2.2.8-20.el6sat | jabberd-2.2.8-20.el6sat.x86_64.rpm |
| RedHat | 5 | src | jabberd | < 2.2.8-20.el5sat | jabberd-2.2.8-20.el5sat.src.rpm |
| RedHat | 6 | src | jabberd | < 2.2.8-20.el6sat | jabberd-2.2.8-20.el6sat.src.rpm |
| RedHat | 5 | x86_64 | jabberd | < 2.2.8-20.el5sat | jabberd-2.2.8-20.el5sat.x86_64.rpm |
| RedHat | 6 | s390x | jabberd | < 2.2.8-20.el6sat | jabberd-2.2.8-20.el6sat.s390x.rpm |
| RedHat | 5 | s390x | jabberd | < 2.2.8-20.el5sat | jabberd-2.2.8-20.el5sat.s390x.rpm |
Related
nessus
nessus
RHEL 5 / 6 : Red Hat Network Satellite server jabberd (RHSA-2012:1538)
2013-01-24 00:00:00
Fedora 18 : jabberd-2.2.17-1.fc18 (2012-12418)
2012-09-18 00:00:00
Fedora 17 : jabberd-2.2.14-4.fc17 (2012-12487)
2012-09-04 00:00:00
openvas
openvas
Fedora Update for jabberd FEDORA-2012-12487
2012-09-04 00:00:00
Fedora Update for jabberd FEDORA-2012-12487
2012-09-04 00:00:00
Fedora Update for jabberd FEDORA-2012-12481
2012-09-04 00:00:00
ubuntucve
ubuntucve
CVE-2012-3525
2012-08-25 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: jabberd-2.2.14-4.fc16
2012-09-03 00:48:18
[SECURITY] Fedora 17 Update: jabberd-2.2.14-4.fc17
2012-09-03 00:48:32
[SECURITY] Fedora 18 Update: jabberd-2.2.17-1.fc18
2012-09-17 23:29:13
redhat
redhat
(RHSA-2012:1539) Low: Red Hat Network Proxy server jabberd security update
2012-12-04 00:00:00
veracode
veracode
Spoofable Domains
2019-01-15 08:51:01
prion
prion
Server side request forgery (ssrf)
2012-08-25 16:55:00
nvd
nvd
CVE-2012-3525
2012-08-25 16:55:00
freebsd
freebsd
jabberd -- domain spoofing in server dialback protocol
2012-08-21 00:00:00
debiancve
debiancve
CVE-2012-3525
2012-08-25 16:55:00
cvelist
cvelist
CVE-2012-3525
2012-08-25 16:00:00
cve
cve
CVE-2012-3525
2012-08-25 16:55:00
securityvulns
securityvulns
Apple Mac OS X multiple security vulnerabilities
2013-03-24 00:00:00