Lucene search
Veracode Vulnerability DatabaseVERACODE:3547HistoryFeb 10, 2017 - 1:55 a.m.
Social Engineering Attack Via Impersonation
2017-02-1001:55:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.002 Low
EPSS
Percentile
59.3%
slixmpp and sleekxmpp are vulnerable to social engineering attacks via a loophole leading to impersonation. It happens due to a flaw in the implementation of XEP-0280: Message Carbons in multiple XMPP clients, allowing a malicious user to impersonate any user, including contacts in the vulnerable application’s display.
Related
nessus
nessus
Fedora 24 : python-sleekxmpp (2017-97e65f13bb)
2017-04-13 00:00:00
Fedora 25 : python-sleekxmpp (2017-99ad80f109)
2017-04-13 00:00:00
Fedora 26 : python-sleekxmpp (2017-68bd2a916e)
2017-07-17 00:00:00
ubuntucve
ubuntucve
CVE-2017-5591
2017-02-09 00:00:00
nvd
nvd
CVE-2017-5591
2017-02-09 20:59:00
zdt
zdt
XMPP Clients User Impersonation Vulnerability
2017-02-10 00:00:00
prion
prion
Design/Logic Flaw
2017-02-09 20:59:00
openvas
openvas
Fedora Update for python-sleekxmpp FEDORA-2017-99ad80f109
2017-04-13 00:00:00
Fedora Update for python-sleekxmpp FEDORA-2017-97e65f13bb
2017-04-13 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: python-sleekxmpp-1.3.2-1.fc25
2017-04-12 20:24:15
[SECURITY] Fedora 26 Update: python-sleekxmpp-1.3.2-1.fc26
2017-04-12 14:54:58
[SECURITY] Fedora 24 Update: python-sleekxmpp-1.3.2-1.fc24
2017-04-12 19:50:48
cvelist
cvelist
CVE-2017-5591
2017-02-09 20:00:00
debiancve
debiancve
CVE-2017-5591
2017-02-09 20:59:00
github
github
SleekXMPP and Slixmpp Incorrect Implementation of Message Carbons
2022-05-13 01:28:46
cve
cve
CVE-2017-5591
2017-02-09 20:59:00
osv
osv