34 matches found
CVE-2019-16236
Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala...
EUVD-2016-10715
Malware in sbrugna...
EUVD-2019-7043
Malware in sbrugna...
Debian: Security Advisory (DLA-413-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-724-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2015-8688
Gajim before 0.16.5 allows remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza...
SUSE CVE-2016-9928
MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XMPP packets...
Mageia: Security Advisory (MGASA-2016-0433)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4506-1 mcabber vulnerability
It was discovered that MCabber does not properly manage roster pushes. An attacker could possibly use this issue to remotely perform machine-in-the-middle attacks. CVE-2016-9928...
Debian: Security Advisory (DLA-2260-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2260-1 : mcabber security update
It was discovered that there was a 'roster push attack' in mcabber, a console-based Jabber XMPP client. This is identical to CVE-2015-8688 for gajim. For Debian 8 'Jessie', this problem has been fixed in version 0.10.2-1+deb8u1. We recommend that you upgrade your mcabber packages. NOTE: Tenable...
[SECURITY] [DLA 2260-1] mcabber security update
Package : mcabber Version : 0.10.2-1+deb8u1 CVE ID : CVE-2016-9928 It was discovered that there was a "roster push attack" in mcabber, a console-based Jabber XMPP client. This is identical to CVE-2015-8688 for gajim. For Debian 8 "Jessie", this problem has been fixed in version 0.10.2-1+deb8u1. W...
CVE-2016-9928
MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XMPP packets...
CVE-2016-9928
MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XMPP packets...
DEBIAN-CVE-2016-9928
MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XMPP packets...
CVE-2016-9928
MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XMPP packets...
UBUNTU-CVE-2016-9928
MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XMPP packets...
CVE-2016-9928
MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XMPP packets...
CVE-2016-9928
CVE-2016-9928 affects MCabber prior to 1.0.4. The vulnerability arises from improper handling of roster pushes in XMPP, allowing a remote attacker to intercept communications or add themselves as another user in a third party’s roster, potentially gaining privileges. Multiple advisories reference...
CVE-2016-9928
MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XMPP packets...