6 matches found
EUVD-2012-4597
Malware in sbrugna...
Apple iChat Server XMPP回拨保护组件安全绕过漏洞
Bugtraq ID:55294 CVE ID:CVE-2012-4672 Apple iChat Server是基于jabberd14,以Apple的iChat在线聊天客户端命名。 Apple iChat Server中的XMPP回拨协议实现存在一个安全缺陷,不正确校验"Verify Response"和"Authorization Response"消息,一个伪造的XMPP服务器可利用此缺陷伪造一个或多个域,当与受影响服务器实现通信时,可导致绕过XMPP服务器回拨保护。 0 Apple iChat Server 厂商解决方案 目前没有详细解决方案提供:...
CVE-2012-4672
Apple iChat Server does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted...
Server side request forgery (ssrf)
Apple iChat Server does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted...
CVE-2012-4672
Apple iChat Server does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted...
CVE-2012-4672
CVE-2012-4672 corresponds to Apple iChat Server, which is based on jabberd14. The issue is that the server does not verify that a request was made for an XMPP Server Dialback response, allowing a remote XMPP server to spoof domains via responses for domains that were not asserted. This is a fault...