OSVDB ID: 85091

Title: Apple Mac OS X iChat Server XMPP Server Dialback Response Spoofing Weakness

Info

Disclosure

Aug 21, 2012

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Apple Mac OS X iChat Server contains a flaw related to the verification of XMPP Server Dialback responses for unasserted domains. This may allow a remote XMPP server to spoof domains.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Solution Unknown
Exploit: Exploit Unknown
Disclosure: Uncoordinated Disclosure

Solution

OSVDB is not aware of a solution for this vulnerability.

Products

Apple Inc.

Mac OS X iChat Server

Unspecified

References

CVE ID: 2012-4672 (see also: NVD)
Other Advisory URL: http://xmpp.org/resources/security-notices/server-dialback/

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/85091