29 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-5591
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An incorrect implementation of XEP-0280: Message Carbons in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the...
SUSE CVE-2017-5591
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
[SECURITY] Fedora 36 Update: python-slixmpp-1.8.3-1.fc36
Slixmpp is an MIT licensed XMPP library for Python 3.5+. It is a fork of SleekXMPP. Goals is to only rewrite the core of the library the low level socket handling, the timers, the events dispatching in order to remove all threads...
SleekXMPP and Slixmpp Incorrect Implementation of Message Carbons
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
GHSA-C35G-JR5F-H83P SleekXMPP and Slixmpp Incorrect Implementation of Message Carbons
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
[SECURITY] Fedora 30 Update: python-slixmpp-1.4.2-1.fc30
Slixmpp is an MIT licensed XMPP library for Python 3.5+. It is a fork of SleekXMPP. Goals is to only rewrite the core of the library the low level socket handling, the timers, the events dispatching in order to remove all threads...
Fedora 26 : python-sleekxmpp (2017-68bd2a916e)
Update to latest upstream release 1.3.2 to fix CVE-2017-5591 rhbz1421077 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora 25 : python-sleekxmpp (2017-99ad80f109)
Update to latest upstream release 1.3.2 to fix CVE-2017-5591 rhbz1421077 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora Update for python-sleekxmpp FEDORA-2017-99ad80f109
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for python-sleekxmpp FEDORA-2017-97e65f13bb
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 24 : python-sleekxmpp (2017-97e65f13bb)
Update to latest upstream release 1.3.2 to fix CVE-2017-5591 rhbz1421077 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
[SECURITY] Fedora 25 Update: python-sleekxmpp-1.3.2-1.fc25
SleekXMPP is a flexible XMPP library for python that allows you to create clients, components or servers for the XMPP protocol. Plug-ins can be create to cover every current or future XEP...
[SECURITY] Fedora 26 Update: python-sleekxmpp-1.3.2-1.fc26
SleekXMPP is a flexible XMPP library for python that allows you to create clients, components or servers for the XMPP protocol. Plug-ins can be create to cover every current or future XEP...
Poezio/SleekXMPP/Slixmpp User Emulation Vulnerability
XMPP is Extensible Messaging and Presence Protocol, a set of open technologies for instant messaging, multi-party chat, voice and video calls. A user emulation vulnerability exists in Poezio/SleekXMPP/Slixmpp. An attacker can exploit this vulnerability to emulate arbitrary users, leading to furth...
Social Engineering Attack Via Impersonation
slixmpp and sleekxmpp are vulnerable to social engineering attacks via a loophole leading to impersonation. It happens due to a flaw in the implementation of XEP-0280: Message Carbons in multiple XMPP clients, allowing a malicious user to impersonate any user, including contacts in the vulnerable...
XMPP Clients User Impersonation Vulnerability
Exploit for multiple platform in category local exploits Multiple XMPP Clients User Impersonation Vulnerability Summary ------- An incorrect implementation of XEP-0280: Message Carbons0 in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerabl...
Design/Logic Flaw
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
PYSEC-2017-104
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
DEBIAN-CVE-2017-5591
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
CVE-2017-5591
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...