CVE-2016-10027

MEDIUM

Smack <4.1.9 - Privilege Escalation

Title source: llm

Description

Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of cleartext for client authentication by stripping the "starttls" feature from a server response.

References (7)

[Mailing List, Patch, Third Party Advisory] http://www.openwall.com/lists/oss-security/2016/12/22/12

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/95129

[Vendor Advisory] https://community.igniterealtime.org/blogs/ignite/2016/11/22/smack-security-advisory-2016-11-22

[Patch, Third Party Advisory] https://github.com/igniterealtime/Smack/commit/059ee99ba0d5ff7758829acf5a9aeede09ec820b

[Patch, Third Party Advisory] https://github.com/igniterealtime/Smack/commit/a9d5cd4a611f47123f9561bc5a81a4555fe7cb04

[Issue Tracking, Vendor Advisory] https://issues.igniterealtime.org/projects/SMACK/issues/SMACK-739

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J4WXAZ4JVJXHMEDDXJVWJHPVBF5QCTZF/

Scores

CVSS v3 5.9

EPSS 0.0039

EPSS Percentile 59.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-362

Status published

Affected Products (4)

igniterealtime/smack < 4.1.9

fedoraproject/fedora

org.igniterealtime.smack/smack-core < 4.1.9Maven

n/a/n/a

Timeline

Published Jan 12, 2017

Tracked Since Feb 18, 2026