CHAT: Jabber 2.x Username Buffer Overflow
This signature detects attempts to overflow the username field in cleartext XMPP communications. Jabberd 2.x incorrectly verifies the username field length, enabling a malicious user to overflow a buffer. When Jabberd is running as root, an attacker can also execute arbitrary code.
Extended Description
Multiple remote buffer overflow vulnerabilities affect the Jabber Server. These issues are due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into finite process buffers. An attacker may leverage these issues to execute arbitrary code on a computer with the privileges of the server process. This may facilitate unauthorized access or privilege escalation.
Affected Products
Jabber_software_foundation jabber_server
References
BugTraq: 11741
CVE: CVE-2004-0953
URL: http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2004-11/1193.html http://www.jabber.org
Short Name
CHAT:JABBER:UNAME-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
CHAT
Keywords
2.x Buffer CVE-2004-0953 Jabber Overflow Username bid:11741
Release Date
12/17/2004
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3364
False Positive
Unknown
Vendors
Jabber_software_foundation
CVSS Score
10.0