Back to search
CVE-2008-3969
Published: Sep 10, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to "overwrite" and "hijack" existing accounts via unknown vectors related to "inconsistent handling of the USTATUS_IDENTIFIED state." NOTE: this issue exists because of an incomplete fix for CVE-2008-3920.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[oss-security] 20080908 Re: CVE request for bitlbee
mailing-list
x_refsource_MLIST
FEDORA-2008-7761
vendor-advisory
x_refsource_FEDORA
31342
vdb-entry
x_refsource_BID
[oss-security] 20080909 Re: CVE request for bitlbee
mailing-list
x_refsource_MLIST
bitlbee-multiple-unspecified-security-bypass(45132)
vdb-entry
x_refsource_XF
GLSA-200809-14
vendor-advisory
x_refsource_GENTOO
https://bugzilla.redhat.com/show_bug.cgi?id=461424
x_refsource_CONFIRM
http://www.bitlbee.org/main.php/changelog.html
x_refsource_CONFIRM
http://www.bitlbee.org/main.php/news.r.html
x_refsource_CONFIRM
31991
third-party-advisory
x_refsource_SECUNIA
31690
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now