CVE-2016-9928

MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd partys roster as another user, which will also garner associated privileges, via crafted XMPP packets.

Weakness

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Affected Software

Potential Mitigations

Related Attack Patterns

• https://cwe.mitre.org/data/definitions/122.html
• https://cwe.mitre.org/data/definitions/233.html
• https://cwe.mitre.org/data/definitions/58.html

References

• http://lists.opensuse.org/opensuse-updates/2017-01/msg00130.html
• http://www.openwall.com/lists/oss-security/2016/12/11/2
• http://www.openwall.com/lists/oss-security/2017/02/09/29
• http://www.securityfocus.com/bid/94862
• https://bitbucket.org/McKael/mcabber-crew/commits/6e1ead98930d7dd0a520ad17c720ae4908429033/raw
• https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845258
• https://bugzilla.redhat.com/show_bug.cgi?id=1403790
• https://gultsch.de/gajim_roster_push_and_message_interception.html
• https://lists.debian.org/debian-lts-announce/2020/06/msg00031.html
• https://usn.ubuntu.com/4506-1/
• http://lists.opensuse.org/opensuse-updates/2017-01/msg00130.html
• http://www.openwall.com/lists/oss-security/2016/12/11/2
• http://www.openwall.com/lists/oss-security/2017/02/09/29
• http://www.securityfocus.com/bid/94862
• https://bitbucket.org/McKael/mcabber-crew/commits/6e1ead98930d7dd0a520ad17c720ae4908429033/raw
• https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=845258
• https://bugzilla.redhat.com/show_bug.cgi?id=1403790
• https://gultsch.de/gajim_roster_push_and_message_interception.html
• https://lists.debian.org/debian-lts-announce/2020/06/msg00031.html
• https://usn.ubuntu.com/4506-1/