43 matches found
PT-2012-4784 · Jabberd2 · Jabberd2
Name of the Vulnerable Software and Affected Versions: jabberd2 versions 2.2.16 and earlier Description: The issue arises from the lack of verification in s2s/out.c for requests related to XMPP Server Dialback responses. This allows remote XMPP servers to spoof domains by sending either a Verify...
FreeBSD : jabberd -- domain spoofing in server dialback protocol (4d1d2f6d-ec94-11e1-8bd8-0022156e8794)
XMPP Standards Foundation reports : Some implementations of the XMPP Server Dialback protocol RFC 3920/XEP-0220 have not been checking dialback responses to ensure that validated results are correlated with requests. An attacking server could spoof one or more domains in communicating with a...
jabberd -- domain spoofing in server dialback protocol
XMPP Standards Foundation reports: Some implementations of the XMPP Server Dialback protocol RFC 3920/XEP-0220 have not been checking dialback responses to ensure that validated results are correlated with requests. An attacking server could spoof one or more domains in communicating with a...