Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
18 vulnerabilities found for Bitlbee by Bitlbee
FKIE_CVE-2012-1187
Vulnerability from fkie_nvd - Published: 2019-10-29 19:15 - Updated: 2024-11-21 01:36
Severity ?
Summary
Bitlbee does not drop extra group privileges correctly in unix.c
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/security/cve/cve-2012-1187 | Broken Link | |
| secalert@redhat.com | https://bugs.bitlbee.org/ticket/852 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1187 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://security-tracker.debian.org/tracker/CVE-2012-1187 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/cve-2012-1187 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.bitlbee.org/ticket/852 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1187 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security-tracker.debian.org/tracker/CVE-2012-1187 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE5A6EA-373C-4D60-B335-3100ED207BFD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Bitlbee does not drop extra group privileges correctly in unix.c"
},
{
"lang": "es",
"value": "Bitlbee, no elimina correctamente los privilegios extras de grupo en el archivo unix.c"
}
],
"id": "CVE-2012-1187",
"lastModified": "2024-11-21T01:36:37.387",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-29T19:15:13.377",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1187"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.bitlbee.org/ticket/852"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1187"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1187"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1187"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.bitlbee.org/ticket/852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1187"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1187"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-273"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-5668
Vulnerability from fkie_nvd - Published: 2017-03-14 14:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-10189.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bitlbee | bitlbee | * | |
| bitlbee | bitlbee-libpurple | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79E1B13E-6F21-43C5-AE1B-19F9F698283D",
"versionEndIncluding": "3.4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee-libpurple:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A13DFB9F-3CF0-4DA6-8167-F361B4611C9B",
"versionEndIncluding": "3.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-10189."
},
{
"lang": "es",
"value": "bitlbee-libpurple en versiones anteriores a 3.5.1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (referencia a puntero NULL y ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario mediante una solicitud de transferencia de archivos para un contacto que no est\u00e1 en la lista de contactos. NOTA: esta vulnerabilidad existe debido a una soluci\u00f3n incompleta para CVE-2016-10189."
}
],
"id": "CVE-2017-5668",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T14:59:00.417",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/95932"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.bitlbee.org/ticket/1282"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.bitlbee.org/ticket/1282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-10189
Vulnerability from fkie_nvd - Published: 2017-03-14 14:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
BitlBee before 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bitlbee | bitlbee | * | |
| bitlbee | bitlbee-libpurple | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79E1B13E-6F21-43C5-AE1B-19F9F698283D",
"versionEndIncluding": "3.4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee-libpurple:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A13DFB9F-3CF0-4DA6-8167-F361B4611C9B",
"versionEndIncluding": "3.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "BitlBee before 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list."
},
{
"lang": "es",
"value": "BitlBee en versiones anteriores a 3.5 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (referencia a puntero NULL y ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una solicitud de transferencia de archivos para un contacto que no est\u00e1 en la lista de contactos."
}
],
"id": "CVE-2016-10189",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T14:59:00.387",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2017/dsa-3853"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/95931"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.bitlbee.org/ticket/1282"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3853"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://bugs.bitlbee.org/ticket/1282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-10188
Vulnerability from fkie_nvd - Published: 2017-03-14 14:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
Use-after-free vulnerability in bitlbee-libpurple before 3.5 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code by causing a file transfer connection to expire.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.debian.org/security/2017/dsa-3853 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2017/01/30/4 | Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2017/01/31/11 | Mailing List, Patch, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/95935 | ||
| cve@mitre.org | https://bugs.bitlbee.org/ticket/1281 | Issue Tracking, Patch, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2017/dsa-3853 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2017/01/30/4 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2017/01/31/11 | Mailing List, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95935 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.bitlbee.org/ticket/1281 | Issue Tracking, Patch, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79E1B13E-6F21-43C5-AE1B-19F9F698283D",
"versionEndIncluding": "3.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in bitlbee-libpurple before 3.5 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code by causing a file transfer connection to expire."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en bitlbee-libpurple en versiones anteriores a 3.5 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) o posiblemente ejecutar c\u00f3digo arbitrario provocando que una conexi\u00f3n de transferencia de archivos expire."
}
],
"id": "CVE-2016-10188",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T14:59:00.340",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2017/dsa-3853"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/95935"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"VDB Entry"
],
"url": "https://bugs.bitlbee.org/ticket/1281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3853"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/95935"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"VDB Entry"
],
"url": "https://bugs.bitlbee.org/ticket/1281"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-3969
Vulnerability from fkie_nvd - Published: 2008-09-11 01:13 - Updated: 2026-04-23 00:35
Severity ?
Summary
Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to "overwrite" and "hijack" existing accounts via unknown vectors related to "inconsistent handling of the USTATUS_IDENTIFIED state." NOTE: this issue exists because of an incomplete fix for CVE-2008-3920.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bitlbee | bitlbee | * | |
| fedoraproject | fedora | 8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22BB0F1F-4F49-44F6-A843-0FF2BD9B7A1E",
"versionEndExcluding": "1.2.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:8:*:*:*:*:*:*:*",
"matchCriteriaId": "72E4DB7F-07C3-46BB-AAA2-05CD0312C57F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to \"overwrite\" and \"hijack\" existing accounts via unknown vectors related to \"inconsistent handling of the USTATUS_IDENTIFIED state.\" NOTE: this issue exists because of an incomplete fix for CVE-2008-3920."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades sin especificar en BitlBee versiones anteriores a 1.2.3 permiten a atacantes remotos \"sobrescribir\" y \"secuestrar\" cuentas existentes a trav\u00e9s de vectores no especificados.\r\nNOTA: esta cuesti\u00f3n existe debido a una incompleta para fijar CVE-2008-3920."
}
],
"id": "CVE-2008-3969",
"lastModified": "2026-04-23T00:35:47.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-11T01:13:47.743",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31690"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31991"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-14.xml"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.bitlbee.org/main.php/changelog.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.bitlbee.org/main.php/news.r.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/08/1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/09/11"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31342"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=461424"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45132"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00587.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-14.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.bitlbee.org/main.php/changelog.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.bitlbee.org/main.php/news.r.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/08/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/09/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=461424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00587.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-3920
Vulnerability from fkie_nvd - Published: 2008-09-04 18:41 - Updated: 2026-04-23 00:35
Severity ?
Summary
Unspecified vulnerability in BitlBee before 1.2.2 allows remote attackers to "recreate" and "hijack" existing accounts via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bitlbee | bitlbee | * | |
| bitlbee | bitlbee | 0.71 | |
| bitlbee | bitlbee | 0.72 | |
| bitlbee | bitlbee | 0.73 | |
| bitlbee | bitlbee | 0.74 | |
| bitlbee | bitlbee | 0.74 | |
| bitlbee | bitlbee | 0.80 | |
| bitlbee | bitlbee | 0.81 | |
| bitlbee | bitlbee | 0.81 | |
| bitlbee | bitlbee | 0.82 | |
| bitlbee | bitlbee | 0.83 | |
| bitlbee | bitlbee | 0.84 | |
| bitlbee | bitlbee | 0.85 | |
| bitlbee | bitlbee | 0.85 | |
| bitlbee | bitlbee | 0.90 | |
| bitlbee | bitlbee | 0.90 | |
| bitlbee | bitlbee | 0.91 | |
| bitlbee | bitlbee | 0.92 | |
| bitlbee | bitlbee | 0.93 | |
| bitlbee | bitlbee | 0.93 | |
| bitlbee | bitlbee | 0.99 | |
| bitlbee | bitlbee | 1.0 | |
| bitlbee | bitlbee | 1.0.1 | |
| bitlbee | bitlbee | 1.0.2 | |
| bitlbee | bitlbee | 1.0.3 | |
| bitlbee | bitlbee | 1.0.4 | |
| bitlbee | bitlbee | 1.1 | |
| bitlbee | bitlbee | 1.1.1 | |
| bitlbee | bitlbee | 1.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5234626B-088F-43CB-B1CD-7168CF526708",
"versionEndIncluding": "1.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.71:*:*:*:*:*:*:*",
"matchCriteriaId": "BA869CB6-9010-4986-BEF0-82A7D90F4B23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "D35463DF-AFFB-4B40-A152-289F5EE4F846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "DBBBBA08-87CB-4B30-9787-5AA2131E7850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.74:*:*:*:*:*:*:*",
"matchCriteriaId": "4572DCBA-1396-4F11-BAAC-93ACE8D89A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.74:a:*:*:*:*:*:*",
"matchCriteriaId": "B1A38CA9-577C-40B4-8BE0-CB6F5F34C14A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "6DAC042F-12A1-46C9-9E38-772AF3453E58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.81:*:*:*:*:*:*:*",
"matchCriteriaId": "9B9F5418-451E-4EC1-B8BE-5B40C26E3426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.81:a:*:*:*:*:*:*",
"matchCriteriaId": "19F35887-A34F-44F9-8F7A-AE5E890A4338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.82:*:*:*:*:*:*:*",
"matchCriteriaId": "18EA0FF0-603D-42B1-AB11-CFDB8F3BBDA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.83:*:*:*:*:*:*:*",
"matchCriteriaId": "15E60F85-3752-4C72-AA65-F6966D229C44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.84:*:*:*:*:*:*:*",
"matchCriteriaId": "1AF48476-6959-49B6-855A-D6AA9B4D60B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.85:*:*:*:*:*:*:*",
"matchCriteriaId": "FC95F758-AE0E-4A66-944D-B81B58FE83AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.85:a:*:*:*:*:*:*",
"matchCriteriaId": "A57B7ED0-7059-4742-8F76-B1FE1A4C391F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "330A1A1D-D49D-4D1B-92D2-9A4B370CC2BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.90:a:*:*:*:*:*:*",
"matchCriteriaId": "0E59BD57-69E2-4817-B9AC-5493521F0E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "57780106-63FE-4689-AD84-6D6037F9DB13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "45A04FA0-6357-47D0-A1E1-501906CDBB9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "98AE68C3-3EF3-4CAF-B567-AD9178807136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.93:a:*:*:*:*:*:*",
"matchCriteriaId": "AEBF00E7-3B11-4CC9-BF19-557FBF7246A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:0.99:*:*:*:*:*:*:*",
"matchCriteriaId": "4F892102-902D-400B-836F-8FDE99882554",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C864877F-81D6-4C86-8BEB-88437E84B8F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA332C38-688D-4F7D-937C-24EC22C36C10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9D76DADC-BDCE-43BE-AA3B-582A6A8BCE85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7845BB36-FA0A-4934-8C57-EE0FF3AEE3C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCB7D85-8880-4BC8-9C81-A585476748B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:1.1:dev:*:*:*:*:*:*",
"matchCriteriaId": "6F79D42E-252A-4C2D-9D74-B545A8B6F746",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:1.1.1:dev:*:*:*:*:*:*",
"matchCriteriaId": "09FC7E58-BB36-46A1-91AD-D858B6CAB133",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitlbee:bitlbee:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6CBB5AA-DF56-47AA-BB50-0EC87931D1C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in BitlBee before 1.2.2 allows remote attackers to \"recreate\" and \"hijack\" existing accounts via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en BitlBee versiones anteriores a 1.2.2 permite a atacantes remotos \"recrear\" y \"secuestrar\" cuentas existentes a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2008-3920",
"lastModified": "2026-04-23T00:35:47.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-04T18:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bitlbee.org/main.php/changelog.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31633"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31690"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31991"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200809-14.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/30858"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460355"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44699"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00045.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00335.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00692.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bitlbee.org/main.php/changelog.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200809-14.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/30858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460355"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44699"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00045.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00335.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00692.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2012-1187 (GCVE-0-2012-1187)
Vulnerability from cvelistv5 – Published: 2019-10-29 13:00 – Updated: 2024-08-06 18:53
VLAI?
Summary
Bitlbee does not drop extra group privileges correctly in unix.c
Severity ?
No CVSS data available.
CWE
- does not drop extra group privileges
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:36.263Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1187"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1187"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1187"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.bitlbee.org/ticket/852"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Bitlbee",
"vendor": "Bitlbee",
"versions": [
{
"status": "affected",
"version": "3.0.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Bitlbee does not drop extra group privileges correctly in unix.c"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "does not drop extra group privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-29T13:00:11.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1187"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1187"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1187"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.bitlbee.org/ticket/852"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1187",
"datePublished": "2019-10-29T13:00:11.000Z",
"dateReserved": "2012-02-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:53:36.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-10189 (GCVE-0-2016-10189)
Vulnerability from cvelistv5 – Published: 2017-03-14 14:00 – Updated: 2024-08-06 03:14
VLAI?
Summary
BitlBee before 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2016-11-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:14:42.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95931",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95931"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.bitlbee.org/ticket/1282"
},
{
"name": "DSA-3853",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3853"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f"
},
{
"name": "[oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"name": "[oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "BitlBee before 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-03T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "95931",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95931"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.bitlbee.org/ticket/1282"
},
{
"name": "DSA-3853",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3853"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f"
},
{
"name": "[oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"name": "[oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10189",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BitlBee before 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95931",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95931"
},
{
"name": "https://bugs.bitlbee.org/ticket/1282",
"refsource": "CONFIRM",
"url": "https://bugs.bitlbee.org/ticket/1282"
},
{
"name": "DSA-3853",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3853"
},
{
"name": "https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f",
"refsource": "CONFIRM",
"url": "https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f"
},
{
"name": "[oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"name": "[oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-10189",
"datePublished": "2017-03-14T14:00:00.000Z",
"dateReserved": "2017-01-31T00:00:00.000Z",
"dateUpdated": "2024-08-06T03:14:42.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5668 (GCVE-0-2017-5668)
Vulnerability from cvelistv5 – Published: 2017-03-14 14:00 – Updated: 2024-08-05 15:11
VLAI?
Summary
bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-10189.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Date Public ?
2016-11-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:11:47.379Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.bitlbee.org/ticket/1282"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441"
},
{
"name": "95932",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95932"
},
{
"name": "[oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"name": "[oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-10189."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-15T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.bitlbee.org/ticket/1282"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441"
},
{
"name": "95932",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95932"
},
{
"name": "[oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"name": "[oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5668",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-10189."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.bitlbee.org/ticket/1282",
"refsource": "CONFIRM",
"url": "https://bugs.bitlbee.org/ticket/1282"
},
{
"name": "https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441",
"refsource": "CONFIRM",
"url": "https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441"
},
{
"name": "95932",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95932"
},
{
"name": "[oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"name": "[oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-5668",
"datePublished": "2017-03-14T14:00:00.000Z",
"dateReserved": "2017-01-31T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:11:47.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-10188 (GCVE-0-2016-10188)
Vulnerability from cvelistv5 – Published: 2017-03-14 14:00 – Updated: 2024-08-06 03:14
VLAI?
Summary
Use-after-free vulnerability in bitlbee-libpurple before 3.5 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code by causing a file transfer connection to expire.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Date Public ?
2017-01-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:14:42.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3853",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3853"
},
{
"name": "95935",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95935"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.bitlbee.org/ticket/1281"
},
{
"name": "[oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"name": "[oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in bitlbee-libpurple before 3.5 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code by causing a file transfer connection to expire."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-03T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-3853",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3853"
},
{
"name": "95935",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95935"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.bitlbee.org/ticket/1281"
},
{
"name": "[oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"name": "[oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10188",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in bitlbee-libpurple before 3.5 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code by causing a file transfer connection to expire."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3853",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3853"
},
{
"name": "95935",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95935"
},
{
"name": "https://bugs.bitlbee.org/ticket/1281",
"refsource": "CONFIRM",
"url": "https://bugs.bitlbee.org/ticket/1281"
},
{
"name": "[oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"name": "[oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-10188",
"datePublished": "2017-03-14T14:00:00.000Z",
"dateReserved": "2017-01-31T00:00:00.000Z",
"dateUpdated": "2024-08-06T03:14:42.315Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3969 (GCVE-0-2008-3969)
Vulnerability from cvelistv5 – Published: 2008-09-10 15:00 – Updated: 2024-08-07 10:00
VLAI?
Summary
Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to "overwrite" and "hijack" existing accounts via unknown vectors related to "inconsistent handling of the USTATUS_IDENTIFIED state." NOTE: this issue exists because of an incomplete fix for CVE-2008-3920.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Date Public ?
2008-09-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:00:42.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20080908 Re: CVE request for bitlbee",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/08/1"
},
{
"name": "FEDORA-2008-7761",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00587.html"
},
{
"name": "31342",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31342"
},
{
"name": "[oss-security] 20080909 Re: CVE request for bitlbee",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/09/11"
},
{
"name": "bitlbee-multiple-unspecified-security-bypass(45132)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45132"
},
{
"name": "GLSA-200809-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-14.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=461424"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.bitlbee.org/main.php/changelog.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.bitlbee.org/main.php/news.r.html"
},
{
"name": "31991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31991"
},
{
"name": "31690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31690"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to \"overwrite\" and \"hijack\" existing accounts via unknown vectors related to \"inconsistent handling of the USTATUS_IDENTIFIED state.\" NOTE: this issue exists because of an incomplete fix for CVE-2008-3920."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20080908 Re: CVE request for bitlbee",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/08/1"
},
{
"name": "FEDORA-2008-7761",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00587.html"
},
{
"name": "31342",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31342"
},
{
"name": "[oss-security] 20080909 Re: CVE request for bitlbee",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/09/11"
},
{
"name": "bitlbee-multiple-unspecified-security-bypass(45132)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45132"
},
{
"name": "GLSA-200809-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-14.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=461424"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.bitlbee.org/main.php/changelog.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.bitlbee.org/main.php/news.r.html"
},
{
"name": "31991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31991"
},
{
"name": "31690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31690"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-3969",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to \"overwrite\" and \"hijack\" existing accounts via unknown vectors related to \"inconsistent handling of the USTATUS_IDENTIFIED state.\" NOTE: this issue exists because of an incomplete fix for CVE-2008-3920."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20080908 Re: CVE request for bitlbee",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/09/08/1"
},
{
"name": "FEDORA-2008-7761",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00587.html"
},
{
"name": "31342",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31342"
},
{
"name": "[oss-security] 20080909 Re: CVE request for bitlbee",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/09/09/11"
},
{
"name": "bitlbee-multiple-unspecified-security-bypass(45132)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45132"
},
{
"name": "GLSA-200809-14",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200809-14.xml"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=461424",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=461424"
},
{
"name": "http://www.bitlbee.org/main.php/changelog.html",
"refsource": "CONFIRM",
"url": "http://www.bitlbee.org/main.php/changelog.html"
},
{
"name": "http://www.bitlbee.org/main.php/news.r.html",
"refsource": "CONFIRM",
"url": "http://www.bitlbee.org/main.php/news.r.html"
},
{
"name": "31991",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31991"
},
{
"name": "31690",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31690"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2008-3969",
"datePublished": "2008-09-10T15:00:00.000Z",
"dateReserved": "2008-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:00:42.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3920 (GCVE-0-2008-3920)
Vulnerability from cvelistv5 – Published: 2008-09-04 18:00 – Updated: 2024-08-07 10:00
VLAI?
Summary
Unspecified vulnerability in BitlBee before 1.2.2 allows remote attackers to "recreate" and "hijack" existing accounts via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Date Public ?
2008-08-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:00:41.112Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bitlbee.org/main.php/changelog.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460355"
},
{
"name": "30858",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30858"
},
{
"name": "GLSA-200809-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-14.xml"
},
{
"name": "FEDORA-2008-7712",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00335.html"
},
{
"name": "31633",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31633"
},
{
"name": "FEDORA-2008-7274",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00045.html"
},
{
"name": "31991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31991"
},
{
"name": "31690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31690"
},
{
"name": "bitlbee-unspecified-security-bypass(44699)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44699"
},
{
"name": "FEDORA-2008-7830",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00692.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in BitlBee before 1.2.2 allows remote attackers to \"recreate\" and \"hijack\" existing accounts via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bitlbee.org/main.php/changelog.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460355"
},
{
"name": "30858",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30858"
},
{
"name": "GLSA-200809-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-14.xml"
},
{
"name": "FEDORA-2008-7712",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00335.html"
},
{
"name": "31633",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31633"
},
{
"name": "FEDORA-2008-7274",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00045.html"
},
{
"name": "31991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31991"
},
{
"name": "31690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31690"
},
{
"name": "bitlbee-unspecified-security-bypass(44699)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44699"
},
{
"name": "FEDORA-2008-7830",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00692.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3920",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in BitlBee before 1.2.2 allows remote attackers to \"recreate\" and \"hijack\" existing accounts via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bitlbee.org/main.php/changelog.html",
"refsource": "CONFIRM",
"url": "http://bitlbee.org/main.php/changelog.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=460355",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460355"
},
{
"name": "30858",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30858"
},
{
"name": "GLSA-200809-14",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200809-14.xml"
},
{
"name": "FEDORA-2008-7712",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00335.html"
},
{
"name": "31633",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31633"
},
{
"name": "FEDORA-2008-7274",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00045.html"
},
{
"name": "31991",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31991"
},
{
"name": "31690",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31690"
},
{
"name": "bitlbee-unspecified-security-bypass(44699)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44699"
},
{
"name": "FEDORA-2008-7830",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00692.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3920",
"datePublished": "2008-09-04T18:00:00.000Z",
"dateReserved": "2008-09-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:00:41.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1187 (GCVE-0-2012-1187)
Vulnerability from nvd – Published: 2019-10-29 13:00 – Updated: 2024-08-06 18:53
VLAI?
Summary
Bitlbee does not drop extra group privileges correctly in unix.c
Severity ?
No CVSS data available.
CWE
- does not drop extra group privileges
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:36.263Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1187"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1187"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1187"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.bitlbee.org/ticket/852"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Bitlbee",
"vendor": "Bitlbee",
"versions": [
{
"status": "affected",
"version": "3.0.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Bitlbee does not drop extra group privileges correctly in unix.c"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "does not drop extra group privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-29T13:00:11.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1187"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1187"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2012-1187"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.bitlbee.org/ticket/852"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1187",
"datePublished": "2019-10-29T13:00:11.000Z",
"dateReserved": "2012-02-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:53:36.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-10189 (GCVE-0-2016-10189)
Vulnerability from nvd – Published: 2017-03-14 14:00 – Updated: 2024-08-06 03:14
VLAI?
Summary
BitlBee before 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2016-11-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:14:42.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95931",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95931"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.bitlbee.org/ticket/1282"
},
{
"name": "DSA-3853",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3853"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f"
},
{
"name": "[oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"name": "[oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "BitlBee before 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-03T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "95931",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95931"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.bitlbee.org/ticket/1282"
},
{
"name": "DSA-3853",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3853"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f"
},
{
"name": "[oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"name": "[oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10189",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BitlBee before 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95931",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95931"
},
{
"name": "https://bugs.bitlbee.org/ticket/1282",
"refsource": "CONFIRM",
"url": "https://bugs.bitlbee.org/ticket/1282"
},
{
"name": "DSA-3853",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3853"
},
{
"name": "https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f",
"refsource": "CONFIRM",
"url": "https://github.com/bitlbee/bitlbee/commit/701ab8129ba9ea64f569daedca9a8603abad740f"
},
{
"name": "[oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"name": "[oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-10189",
"datePublished": "2017-03-14T14:00:00.000Z",
"dateReserved": "2017-01-31T00:00:00.000Z",
"dateUpdated": "2024-08-06T03:14:42.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-5668 (GCVE-0-2017-5668)
Vulnerability from nvd – Published: 2017-03-14 14:00 – Updated: 2024-08-05 15:11
VLAI?
Summary
bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-10189.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Date Public ?
2016-11-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:11:47.379Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.bitlbee.org/ticket/1282"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441"
},
{
"name": "95932",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95932"
},
{
"name": "[oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"name": "[oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-10189."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-15T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.bitlbee.org/ticket/1282"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441"
},
{
"name": "95932",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95932"
},
{
"name": "[oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"name": "[oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5668",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact that is not in the contact list. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-10189."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.bitlbee.org/ticket/1282",
"refsource": "CONFIRM",
"url": "https://bugs.bitlbee.org/ticket/1282"
},
{
"name": "https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441",
"refsource": "CONFIRM",
"url": "https://github.com/bitlbee/bitlbee/commit/30d598ce7cd3f136ee9d7097f39fa9818a272441"
},
{
"name": "95932",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95932"
},
{
"name": "[oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"name": "[oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-5668",
"datePublished": "2017-03-14T14:00:00.000Z",
"dateReserved": "2017-01-31T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:11:47.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-10188 (GCVE-0-2016-10188)
Vulnerability from nvd – Published: 2017-03-14 14:00 – Updated: 2024-08-06 03:14
VLAI?
Summary
Use-after-free vulnerability in bitlbee-libpurple before 3.5 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code by causing a file transfer connection to expire.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Date Public ?
2017-01-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:14:42.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3853",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3853"
},
{
"name": "95935",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95935"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.bitlbee.org/ticket/1281"
},
{
"name": "[oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"name": "[oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-01-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in bitlbee-libpurple before 3.5 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code by causing a file transfer connection to expire."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-03T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-3853",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3853"
},
{
"name": "95935",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95935"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.bitlbee.org/ticket/1281"
},
{
"name": "[oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"name": "[oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10188",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-after-free vulnerability in bitlbee-libpurple before 3.5 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code by causing a file transfer connection to expire."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3853",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3853"
},
{
"name": "95935",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95935"
},
{
"name": "https://bugs.bitlbee.org/ticket/1281",
"refsource": "CONFIRM",
"url": "https://bugs.bitlbee.org/ticket/1281"
},
{
"name": "[oss-security] 20170131 Re: CVE Request - Remote DoS vulnerabilities in BitlBee",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/31/11"
},
{
"name": "[oss-security] 20170130 CVE Request - Remote DoS vulnerabilities in BitlBee",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/30/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-10188",
"datePublished": "2017-03-14T14:00:00.000Z",
"dateReserved": "2017-01-31T00:00:00.000Z",
"dateUpdated": "2024-08-06T03:14:42.315Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3969 (GCVE-0-2008-3969)
Vulnerability from nvd – Published: 2008-09-10 15:00 – Updated: 2024-08-07 10:00
VLAI?
Summary
Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to "overwrite" and "hijack" existing accounts via unknown vectors related to "inconsistent handling of the USTATUS_IDENTIFIED state." NOTE: this issue exists because of an incomplete fix for CVE-2008-3920.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Date Public ?
2008-09-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:00:42.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20080908 Re: CVE request for bitlbee",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/08/1"
},
{
"name": "FEDORA-2008-7761",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00587.html"
},
{
"name": "31342",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31342"
},
{
"name": "[oss-security] 20080909 Re: CVE request for bitlbee",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/09/11"
},
{
"name": "bitlbee-multiple-unspecified-security-bypass(45132)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45132"
},
{
"name": "GLSA-200809-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-14.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=461424"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.bitlbee.org/main.php/changelog.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.bitlbee.org/main.php/news.r.html"
},
{
"name": "31991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31991"
},
{
"name": "31690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31690"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to \"overwrite\" and \"hijack\" existing accounts via unknown vectors related to \"inconsistent handling of the USTATUS_IDENTIFIED state.\" NOTE: this issue exists because of an incomplete fix for CVE-2008-3920."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20080908 Re: CVE request for bitlbee",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/08/1"
},
{
"name": "FEDORA-2008-7761",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00587.html"
},
{
"name": "31342",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31342"
},
{
"name": "[oss-security] 20080909 Re: CVE request for bitlbee",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/09/11"
},
{
"name": "bitlbee-multiple-unspecified-security-bypass(45132)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45132"
},
{
"name": "GLSA-200809-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-14.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=461424"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.bitlbee.org/main.php/changelog.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.bitlbee.org/main.php/news.r.html"
},
{
"name": "31991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31991"
},
{
"name": "31690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31690"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2008-3969",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to \"overwrite\" and \"hijack\" existing accounts via unknown vectors related to \"inconsistent handling of the USTATUS_IDENTIFIED state.\" NOTE: this issue exists because of an incomplete fix for CVE-2008-3920."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20080908 Re: CVE request for bitlbee",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/09/08/1"
},
{
"name": "FEDORA-2008-7761",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00587.html"
},
{
"name": "31342",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31342"
},
{
"name": "[oss-security] 20080909 Re: CVE request for bitlbee",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/09/09/11"
},
{
"name": "bitlbee-multiple-unspecified-security-bypass(45132)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45132"
},
{
"name": "GLSA-200809-14",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200809-14.xml"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=461424",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=461424"
},
{
"name": "http://www.bitlbee.org/main.php/changelog.html",
"refsource": "CONFIRM",
"url": "http://www.bitlbee.org/main.php/changelog.html"
},
{
"name": "http://www.bitlbee.org/main.php/news.r.html",
"refsource": "CONFIRM",
"url": "http://www.bitlbee.org/main.php/news.r.html"
},
{
"name": "31991",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31991"
},
{
"name": "31690",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31690"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2008-3969",
"datePublished": "2008-09-10T15:00:00.000Z",
"dateReserved": "2008-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:00:42.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3920 (GCVE-0-2008-3920)
Vulnerability from nvd – Published: 2008-09-04 18:00 – Updated: 2024-08-07 10:00
VLAI?
Summary
Unspecified vulnerability in BitlBee before 1.2.2 allows remote attackers to "recreate" and "hijack" existing accounts via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Date Public ?
2008-08-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:00:41.112Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bitlbee.org/main.php/changelog.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460355"
},
{
"name": "30858",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30858"
},
{
"name": "GLSA-200809-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-14.xml"
},
{
"name": "FEDORA-2008-7712",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00335.html"
},
{
"name": "31633",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31633"
},
{
"name": "FEDORA-2008-7274",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00045.html"
},
{
"name": "31991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31991"
},
{
"name": "31690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31690"
},
{
"name": "bitlbee-unspecified-security-bypass(44699)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44699"
},
{
"name": "FEDORA-2008-7830",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00692.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in BitlBee before 1.2.2 allows remote attackers to \"recreate\" and \"hijack\" existing accounts via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bitlbee.org/main.php/changelog.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460355"
},
{
"name": "30858",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30858"
},
{
"name": "GLSA-200809-14",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200809-14.xml"
},
{
"name": "FEDORA-2008-7712",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00335.html"
},
{
"name": "31633",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31633"
},
{
"name": "FEDORA-2008-7274",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00045.html"
},
{
"name": "31991",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31991"
},
{
"name": "31690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31690"
},
{
"name": "bitlbee-unspecified-security-bypass(44699)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44699"
},
{
"name": "FEDORA-2008-7830",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00692.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3920",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in BitlBee before 1.2.2 allows remote attackers to \"recreate\" and \"hijack\" existing accounts via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bitlbee.org/main.php/changelog.html",
"refsource": "CONFIRM",
"url": "http://bitlbee.org/main.php/changelog.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=460355",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460355"
},
{
"name": "30858",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30858"
},
{
"name": "GLSA-200809-14",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200809-14.xml"
},
{
"name": "FEDORA-2008-7712",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00335.html"
},
{
"name": "31633",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31633"
},
{
"name": "FEDORA-2008-7274",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00045.html"
},
{
"name": "31991",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31991"
},
{
"name": "31690",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31690"
},
{
"name": "bitlbee-unspecified-security-bypass(44699)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44699"
},
{
"name": "FEDORA-2008-7830",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00692.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3920",
"datePublished": "2008-09-04T18:00:00.000Z",
"dateReserved": "2008-09-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T10:00:41.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}