Openfire < 3.6.4 jabber:iq:auth Crafted password_change Request Password Manipulation

medium Nessus Plugin ID 38688

Synopsis

The remote host contains an application that is affected by a remote password change vulnerability.

Description

The remote host is running Openfire / Wildfire, an instant messaging server supporting the XMPP protocol.

According to its version, the installed copy of Openfire or Wildfire does not verify the owner of an account before changing that account's password in response to an 'iq:auth' request. An authenticated attacker can exploit this vulnerability to change the passwords of arbitrary Openfire / Wildfire user accounts.

Solution

Upgrade to Openfire version 3.6.4 or later.

See Also

http://www.igniterealtime.org/community/message/190280

https://issues.igniterealtime.org/browse/JM-1531

Plugin Details

Severity: Medium

ID: 38688

File Name: openfire_3_6_4.nasl

Version: 1.14

Type: remote

Family: CGI abuses

Published: 5/5/2009

Updated: 1/19/2021

Configuration: Enable paranoid mode

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.1

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Temporal Vector: E:POC/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:igniterealtime:openfire

Required KB Items: Settings/ParanoidReport

Exploit Ease: No exploit is required

Reference Information

CVE: CVE-2009-1595

BID: 34804

Secunia: 34976

CWE: 287