FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  454426
Date:      2017-11-18
Time:      11:38:23Z
Committer: brnrd

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
4d1d2f6d-ec94-11e1-8bd8-0022156e8794jabberd -- domain spoofing in server dialback protocol

XMPP Standards Foundation reports:

Some implementations of the XMPP Server Dialback protocol (RFC 3920/XEP-0220) have not been checking dialback responses to ensure that validated results are correlated with requests.

An attacking server could spoof one or more domains in communicating with a vulnerable server implementation, thereby avoiding the protections built into the Server Dialback protocol.

Discovery 2012-08-21
Entry 2012-08-23
lt 2.2.16_2