CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2016-10027
https://notcve.org/view.php?id=CVE-2016-10027
Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of cleartext for client authentication by stripping the "starttls" feature from a server response. Condición de carrera en la librería XMPP en Smack en versiones anteriores a 4.1.9, cuando se ha establecido la configuración TLS SecurityMode.required, permite a atacantes man-in-the-middle eludir las protecciones TLS y desencadenar el uso de texto plano para la autenticación del cliente eliminando la función "starttls" de una respuesta del servidor. • http://www.openwall.com/lists/oss-security/2016/12/22/12 http://www.securityfocus.com/bid/95129 https://community.igniterealtime.org/blogs/ignite/2016/11/22/smack-security-advisory-2016-11-22 https://github.com/igniterealtime/Smack/commit/059ee99ba0d5ff7758829acf5a9aeede09ec820b https://github.com/igniterealtime/Smack/commit/a9d5cd4a611f47123f9561bc5a81a4555fe7cb04 https://issues.igniterealtime.org/projects/SMACK/issues/SMACK-739 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0363 – smack: incorrect X.509 certificate validation
https://notcve.org/view.php?id=CVE-2014-0363
The ServerTrustManager component in the Ignite Realtime Smack XMPP API before 4.0.0-rc1 does not verify basicConstraints and nameConstraints in X.509 certificate chains from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate chain. El componente ServerTrustManager en la API Ignite Realtime Smack XMPP anterior a 4.0.0-rc1 no verifica las extensiones basicConstraints y nameConstraints en cadenas de certificados X.509 de servidores SSL, lo que permite a un atacante ealizar un ataque man-in-the-middle, falsificar servidores y obtener información sensible a través de una cadena de certificados manipulados. It was found that the ServerTrustManager in the Smack XMPP API did not verify basicConstraints and nameConstraints in X.509 certificate chains. A man-in-the-middle attacker could use this flaw to spoof servers and obtain sensitive information. • http://community.igniterealtime.org/blogs/ignite/2014/04/17/asmack-400-rc1-has-been-released http://issues.igniterealtime.org/browse/SMACK-410 http://rhn.redhat.com/errata/RHSA-2015-1176.html http://secunia.com/advisories/59290 http://secunia.com/advisories/59291 http://www.kb.cert.org/vuls/id/489228 http://www.securityfocus.com/bid/67119 https://access.redhat.com/security/cve/CVE-2014-0363 https://bugzilla.redhat.com/show_bug.cgi?id=1093273 • CWE-295: Improper Certificate Validation •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0364 – smack: IQ response spoofing
https://notcve.org/view.php?id=CVE-2014-0364
The ParseRoster component in the Ignite Realtime Smack XMPP API before 4.0.0-rc1 does not verify the from attribute of a roster-query IQ stanza, which allows remote attackers to spoof IQ responses via a crafted attribute. El componente ParseRoster en la API Ignite Realtime Smack XMPP anterior a 4.0.0-rc1 no verifica el atributo from de la cadena roster-query IQ, lo que permite a atacantes remotos falsificar respuestas IQ a través de un atributo manipulado. It was found that the ParseRoster component in the Smack XMPP API did not verify the From attribute of a roster-query IQ stanza. A remote attacker could use this flaw to spoof IQ responses. • http://community.igniterealtime.org/blogs/ignite/2014/04/17/asmack-400-rc1-has-been-released http://rhn.redhat.com/errata/RHSA-2015-1176.html http://secunia.com/advisories/59290 http://secunia.com/advisories/59291 http://www.kb.cert.org/vuls/id/489228 http://www.securityfocus.com/bid/67124 https://access.redhat.com/security/cve/CVE-2014-0364 https://bugzilla.redhat.com/show_bug.cgi?id=1093276 • CWE-345: Insufficient Verification of Data Authenticity •