The remote host is running Openfire / Wildfire, an instant messaging server supporting the XMPP protocol.

According to its version, the installation of Openfire or Wildfire fails to verify the owner of the account before changing the password for the account in response to an 'iq:auth' request. An authenticated attacker can exploit this vulnerability to change the passwords for arbitrary Openfire / Wildfire user accounts.

リモートホストは、GLSA-201406-35 で説明されている脆弱性の影響を受けます（Openfire：複数の脆弱性）

Openfire に複数の脆弱性が発見されました。詳細については、以下で参照されている CVE 識別子をレビューしてください。
 影響：

リモートの攻撃者が、サービス拒否状態を引き起こしたり、セキュリティ制限をバイパスしたりする可能性があります。
 回避策：

現時点で、既知の回避策はありません。

リモートホストは、XMPPプロトコルをサポートするインスタントメッセージングサーバーであるOpenfire/Wildfireを実行しています。

そのバージョンによると、OpenfireまたはWildfireのインストールは、「iq: auth」リクエストに応答してアカウント用のパスワードを変更する前に、アカウントの所有者の確認に失敗します。認証された攻撃者が、この脆弱性を悪用して、任意のOpenfire/Wildfireユーザーアカウント用のパスワードを変更する可能性があります。

The remote host is affected by the vulnerability described in GLSA-201406-35 (Openfire: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Openfire. Please review       the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could possibly cause a Denial of Service condition or       bypass security restrictions.
  Workaround :

    There is no known workaround at this time.

Andreas Kurtz reports :

The jabber server Openfire (<= version 3.6.0a) contains several serious vulnerabilities. Depending on the particular runtime environment these issues can potentially even be used by an attacker to execute code on operating system level.

- Authentication bypass - This vulnerability provides an attacker full access to all functions in the admin webinterface without providing any user credentials. The Tomcat filter which is responsible for authentication could be completely circumvented.

- SQL injection - It is possible to pass SQL statements to the backend database through a SQL injection vulnerability. Depending on the particular runtime environment and database permissions it is even possible to write files to disk and execute code on operating system level.

- Multiple Cross-Site Scripting - Permits arbitrary insertion of HTML- and JavaScript code in login.jsp. An attacker could also manipulate a parameter to specify a destination to which a user will be forwarded to after successful authentication.

远程主机受到 GLSA-201406-35 中所述漏洞的影响（Openfire：多种漏洞）

已在 Openfire 中发现多种漏洞。请检查下面引用的 CVE 标识符以了解详细信息。
 影响：

远程攻击者可能造成拒绝服务情况或绕过安全限制。
 变通方案：

目前无任何已知的变通方案。

遠端主機受到 GLSA-201406-35 中所述的弱點影響 (Openfire：多個弱點)

在 Openfire 中發現多個弱點。如需詳細資訊，請檢閱以下提及的 CVE 識別碼。
 影響：

遠端攻擊者可能造成拒絕服務情況或繞過安全性限制。
 因應措施：

目前尚無已知的因應措施。

遠端主機正在執行 Openfire/Wildfire，這是一個支援 XMPP 通訊協定的即時訊息伺服器。

根據其版本，Openfire 或 Wildfire 的安裝在變更帳戶密碼以回應「iq: auth」要求前，無法驗證該帳戶的所有者。經驗證的攻擊者可惡意利用此弱點，變更任意 Openfire/Wildfire 使用者帳戶的密碼。

The remote host is running Openfire / Wildfire, an instant messaging server supporting the XMPP protocol.  According to its version, the installation of Openfire or Wildfire is affected by a vulnerability which would allow a remote attacker to change the password of any users.  In particular, input sent to the 'passwd_change' parameter of the jabber: iq: auth routine is not sufficiently sanitized.  An attacker, exploiting this flaw, would be able to gain access to any user account.

ID	Name	Product	Family	Published	Updated	Severity
38688	Openfire < 3.6.4 jabber:iq:auth Crafted password_change Request Password Manipulation	Nessus	CGI abuses	5/5/2009	1/19/2021	medium
76330	GLSA-201406-35：Openfire：複数の脆弱性	Nessus	Gentoo Local Security Checks	7/1/2014	1/6/2021	high
38688	Openfire < 3.6.4 jabber：iq：auth細工されたpassword_changeリクエストパスワード操作	Nessus	CGI abuses	5/5/2009	1/19/2021	medium
76330	GLSA-201406-35 : Openfire: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	7/1/2014	1/6/2021	high
34839	FreeBSD : openfire -- multiple vulnerabilities (937adf01-b64a-11dd-a55e-00163e000016)	Nessus	FreeBSD Local Security Checks	11/21/2008	1/6/2021	high
76330	GLSA-201406-35：Openfire：多种漏洞	Nessus	Gentoo Local Security Checks	7/1/2014	1/6/2021	high
76330	GLSA-201406-35：Openfire：多個弱點	Nessus	Gentoo Local Security Checks	7/1/2014	1/6/2021	high
38688	Openfire < 3.6.4 jabber: iq: auth 特製 password_change 要求密碼操控	Nessus	CGI abuses	5/5/2009	1/19/2021	medium
5018	Openfire < 3.6.4 Arbitrary Password Manipulation	Nessus Network Monitor	CGI	8/18/2004	3/6/2019	medium

Detections

Analytics

Plugins Search

medium

high

medium

high

high

high

high

medium

medium