CVE-2016-0756 - OpenCVE

The generate_dialback function in the mod_dialback module in Prosody before 0.9.10 does not properly separate fields when generating dialback keys, which allows remote attackers to spoof XMPP network domains via a crafted stream id and domain name that is included in the target domain as a suffix.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Prosody	Prosody

Configuration 1 [-]

cpe:2.3:a:prosody:prosody:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://blog.prosody.im/prosody-0-9-10-released/
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176796.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176914.html
http://www.debian.org/security/2016/dsa-3463
http://www.openwall.com/lists/oss-security/2016/01/27/10
http://www.securityfocus.com/bid/82241
https://prosody.im/issues/issue/596
https://prosody.im/security/advisory_20160127/

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2016-01-29T20:00:00

Updated: 2024-08-05T22:30:04.031Z

Reserved: 2015-12-16T00:00:00

Link: CVE-2016-0756

Vulnrichment

No data.

NVD

Status : Modified

Published: 2016-01-29T20:59:06.560

Modified: 2016-12-06T03:05:43.847

Link: CVE-2016-0756

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-01-27T00:00:00", "descriptions": [{"lang": "en", "value": "The generate_dialback function in the mod_dialback module in Prosody before 0.9.10 does not properly separate fields when generating dialback keys, which allows remote attackers to spoof XMPP network domains via a crafted stream id and domain name that is included in the target domain as a suffix."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-02T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "FEDORA-2016-e2c5111eda", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176796.html"}, {"name": "82241", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/82241"}, {"name": "FEDORA-2016-5a5c85c5a8", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176914.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://prosody.im/issues/issue/596"}, {"name": "[oss-security] 20160127 CVE-2016-0756: Prosody XMPP server: insecure dialback key generation/validation algorithm", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/01/27/10"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://blog.prosody.im/prosody-0-9-10-released/"}, {"name": "DSA-3463", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3463"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://prosody.im/security/advisory_20160127/"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T22:30:04.031Z"}, "title": "CVE Program Container", "references": [{"name": "FEDORA-2016-e2c5111eda", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176796.html"}, {"name": "82241", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/82241"}, {"name": "FEDORA-2016-5a5c85c5a8", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176914.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://prosody.im/issues/issue/596"}, {"name": "[oss-security] 20160127 CVE-2016-0756: Prosody XMPP server: insecure dialback key generation/validation algorithm", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/01/27/10"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://blog.prosody.im/prosody-0-9-10-released/"}, {"name": "DSA-3463", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2016/dsa-3463"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://prosody.im/security/advisory_20160127/"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-0756", "datePublished": "2016-01-29T20:00:00", "dateReserved": "2015-12-16T00:00:00", "dateUpdated": "2024-08-05T22:30:04.031Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:prosody:prosody:*:*:*:*:*:*:*:*", "matchCriteriaId": "7335EF0B-26AC-4407-880D-9A92F5D5D722", "versionEndIncluding": "0.9.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The generate_dialback function in the mod_dialback module in Prosody before 0.9.10 does not properly separate fields when generating dialback keys, which allows remote attackers to spoof XMPP network domains via a crafted stream id and domain name that is included in the target domain as a suffix."}, {"lang": "es", "value": "La funci\u00f3n generate_dialback en el m\u00f3dulo mod_dialback en Prosody en versiones anteriores a 0.9.10 no separa campos correctamente cuando genera claves de devoluci\u00f3n de llamada, lo que permite a atacantes remotos suplantar dominios de red XMPP a trav\u00e9s de una identidad de flujo y un nombre de dominio manipulados que est\u00e1n incluidos en el dominio objetivo como un sufijo."}], "id": "CVE-2016-0756", "lastModified": "2016-12-06T03:05:43.847", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-01-29T20:59:06.560", "references": [{"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://blog.prosody.im/prosody-0-9-10-released/"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176796.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176914.html"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2016/dsa-3463"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2016/01/27/10"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/82241"}, {"source": "secalert@redhat.com", "url": "https://prosody.im/issues/issue/596"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://prosody.im/security/advisory_20160127/"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}