{ "id": "CVE-2008-3920", "sourceIdentifier": "cve@mitre.org", "published": "2008-09-04T18:41:00.000", "lastModified": "2017-08-08T01:32:16.390", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in BitlBee before 1.2.2 allows remote attackers to \"recreate\" and \"hijack\" existing accounts via unspecified vectors." }, { "lang": "es", "value": "Vulnerabilidad no especificada en BitlBee versiones anteriores a 1.2.2 permite a atacantes remotos \"recrear\" y \"secuestrar\" cuentas existentes a trav\u00e9s de vectores no especificados." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5 }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-264" }, { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.2.1", "matchCriteriaId": "5234626B-088F-43CB-B1CD-7168CF526708" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.71:*:*:*:*:*:*:*", "matchCriteriaId": "BA869CB6-9010-4986-BEF0-82A7D90F4B23" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.72:*:*:*:*:*:*:*", "matchCriteriaId": "D35463DF-AFFB-4B40-A152-289F5EE4F846" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.73:*:*:*:*:*:*:*", "matchCriteriaId": "DBBBBA08-87CB-4B30-9787-5AA2131E7850" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.74:*:*:*:*:*:*:*", "matchCriteriaId": "4572DCBA-1396-4F11-BAAC-93ACE8D89A33" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.74:a:*:*:*:*:*:*", "matchCriteriaId": "B1A38CA9-577C-40B4-8BE0-CB6F5F34C14A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.80:*:*:*:*:*:*:*", "matchCriteriaId": "6DAC042F-12A1-46C9-9E38-772AF3453E58" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.81:*:*:*:*:*:*:*", "matchCriteriaId": "9B9F5418-451E-4EC1-B8BE-5B40C26E3426" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.81:a:*:*:*:*:*:*", "matchCriteriaId": "19F35887-A34F-44F9-8F7A-AE5E890A4338" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.82:*:*:*:*:*:*:*", "matchCriteriaId": "18EA0FF0-603D-42B1-AB11-CFDB8F3BBDA4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.83:*:*:*:*:*:*:*", "matchCriteriaId": "15E60F85-3752-4C72-AA65-F6966D229C44" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.84:*:*:*:*:*:*:*", "matchCriteriaId": "1AF48476-6959-49B6-855A-D6AA9B4D60B0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.85:*:*:*:*:*:*:*", "matchCriteriaId": "FC95F758-AE0E-4A66-944D-B81B58FE83AD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.85:a:*:*:*:*:*:*", "matchCriteriaId": "A57B7ED0-7059-4742-8F76-B1FE1A4C391F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "330A1A1D-D49D-4D1B-92D2-9A4B370CC2BC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.90:a:*:*:*:*:*:*", "matchCriteriaId": "0E59BD57-69E2-4817-B9AC-5493521F0E16" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "57780106-63FE-4689-AD84-6D6037F9DB13" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "45A04FA0-6357-47D0-A1E1-501906CDBB9D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "98AE68C3-3EF3-4CAF-B567-AD9178807136" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.93:a:*:*:*:*:*:*", "matchCriteriaId": "AEBF00E7-3B11-4CC9-BF19-557FBF7246A6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:0.99:*:*:*:*:*:*:*", "matchCriteriaId": "4F892102-902D-400B-836F-8FDE99882554" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "C864877F-81D6-4C86-8BEB-88437E84B8F4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "DA332C38-688D-4F7D-937C-24EC22C36C10" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "9D76DADC-BDCE-43BE-AA3B-582A6A8BCE85" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "7845BB36-FA0A-4934-8C57-EE0FF3AEE3C0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "ADCB7D85-8880-4BC8-9C81-A585476748B1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:1.1:dev:*:*:*:*:*:*", "matchCriteriaId": "6F79D42E-252A-4C2D-9D74-B545A8B6F746" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:1.1.1:dev:*:*:*:*:*:*", "matchCriteriaId": "09FC7E58-BB36-46A1-91AD-D858B6CAB133" }, { "vulnerable": true, "criteria": "cpe:2.3:a:bitlbee:bitlbee:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B6CBB5AA-DF56-47AA-BB50-0EC87931D1C1" } ] } ] } ], "references": [ { "url": "http://bitlbee.org/main.php/changelog.html", "source": "cve@mitre.org" }, { "url": "http://security.gentoo.org/glsa/glsa-200809-14.xml", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/bid/30858", "source": "cve@mitre.org" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=460355", "source": "cve@mitre.org" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44699", "source": "cve@mitre.org" }, { "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00045.html", "source": "cve@mitre.org" }, { "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00335.html", "source": "cve@mitre.org" }, { "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00692.html", "source": "cve@mitre.org" } ] }