A vulnerability was found in MCabber up to 1.0.3 and classified as critical. This issue affects some unknown functionality of the component XMPP Packet Handler. The manipulation with an unknown input leads to a privileges management vulnerability. Using CWE to declare the problem leads to CWE-269. The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. Impacted is confidentiality, integrity, and availability. The summary by CVE is:

MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XMPP packets.

The weakness was published 04/21/2023. It is possible to read the advisory at lists.opensuse.org. The identification of this vulnerability is CVE-2016-9928 since 12/11/2016. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. Technical details are unknown but a public exploit is available. The attack technique deployed by this issue is T1068 according to MITRE ATT&CK.

The exploit is available at lists.opensuse.org. It is declared as proof-of-concept. The commercial vulnerability scanner Qualys is able to test this issue with plugin 169681 (OpenSuSE Security Update for python3-sleekxmpp (openSUSE-SU-2017:0259-1)).

Upgrading to version 1.0.4 eliminates this vulnerability.

The vulnerability is also documented in the vulnerability database at SecurityFocus (BID 94862†). If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Productinfo

Name

• MCabber

Version

• 1.0.0
• 1.0.1
• 1.0.2
• 1.0.3

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion