all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Debian Security Advisory 5379-1

Add to bookmarks
March 28, 2023, 3:19 p.m. |

Packet Storm packetstormsecurity.com

Debian Linux Security Advisory 5379-1 - Kim Alvefur discovered that insufficient message sender validation in dino-im, a modern XMPP/Jabber client, may result in manipulation of entries in the personal bookmark store without user interaction via a specially crafted message. Additionally an attacker can take advantage of this flaw to change how group chats are displayed or force a user to join or leave an attacker-selected groupchat.

advisory change client debian flaw jabber kim linux linux security manipulation may message personal result security security advisory store validation xmpp

Visit resource

More from packetstormsecurity.com / Packet Storm

Debian Security Advisory 5665-1 22 hours ago | packetstormsecurity.com
advisory debian debian linux security engine +7
Debian Security Advisory 5664-1 22 hours ago | packetstormsecurity.com
advisory attackers can clients +20
Elber Wayber Analog/Digital Audio STL 4.00 Insecure Direct Object Reference 22 hours ago | packetstormsecurity.com
audio client client-side configuration +11
Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass 22 hours ago | packetstormsecurity.com
access attackers audio authentication +15
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Insecure Direct Object Reference 22 hours ago | packetstormsecurity.com
client client-side configuration device +12
Elber ESE DVB-S/S2 Satellite Receiver 1.5.x Authentication Bypass 22 hours ago | packetstormsecurity.com
access attackers authentication authentication bypass +16
Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Insecure Direct Object Reference 22 hours ago | packetstormsecurity.com
client client-side configuration device +10
Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Authentication Bypass 22 hours ago | packetstormsecurity.com
access attackers authentication authentication bypass +14
Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Insecure Direct Object Reference 23 hours ago | packetstormsecurity.com
1.0.0 broadcast client client-side +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Security Engineer, Incident Response

@ Databricks | Remote - Netherlands
View on infosec-jobs.com

Associate Vulnerability Engineer - Mid-Atlantic region (Part-Time)

@ GuidePoint Security LLC | Remote in VA, MD, PA, NC, DE, NJ, or DC
View on infosec-jobs.com

Data Security Architect

@ Accenture Federal Services | Washington, DC
View on infosec-jobs.com

Identity Security Administrator

@ SailPoint | Pune, India
View on infosec-jobs.com
View more jobs