CVE-2019-16236 - Missing Authorization vulnerability in multiple products

CVSS 7.5 - HIGH

  • Attack vector: NETWORK
  • Attack complexity: LOW
  • Privileges required: NONE
  • Confidentiality impact: NONE
  • Integrity impact: HIGH
  • Availability impact: NONE

Tags: network, low complexity, dino, canonical, fedoraproject, debian, CWE-862, nessus

Summary

Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala.

Common Weakness Enumeration (CWE)

Nessus

  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2019-0EB6D51F81.NASL
    description: Update dino to [a96c8014](https://github.com/dino/dino/compare/016ab2c1...a96c8014), which addresses three CVEs.
      CVE-2019-16235: Dino did not properly check the source of message carbons. https://nvd.nist.gov/vuln/detail/CVE-2019-16235 Fixed in https://github.com/dino/dino/commit/e84f2c49567e86d2a261ea264d65c4adc549c930
      CVE-2019-16236: Dino did not check roster push authorization. https://nvd.nist.gov/vuln/detail/CVE-2019-16236 Fixed in https://github.com/dino/dino/commit/dd33f5f949248d87d34f399e8846d5ee5b8823d9
      CVE-2019-16237: Dino did not properly check the source of MAM messages. https://nvd.nist.gov/vuln/detail/CVE-2019-16237 Fixed in https://github.com/dino/dino/commit/307f16cc86dd2b95aa02ab8a85110e4a2d5e7363
      Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 129077
    published: 2019-09-20
    reporter: This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/129077
    title: Fedora 29 : dino (2019-0eb6d51f81)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory FEDORA-2019-0eb6d51f81.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(129077);
      script_version("1.4");
      script_cvs_date("Date: 2019/12/27");
    
      script_cve_id("CVE-2019-16235", "CVE-2019-16236", "CVE-2019-16237");
      script_xref(name:"FEDORA", value:"2019-0eb6d51f81");
    
      script_name(english:"Fedora 29 : dino (2019-0eb6d51f81)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Update dino to
    [a96c8014](https://github.com/dino/dino/compare/016ab2c1...a96c8014),
    which addresses three CVEs.
    
    CVE-2019-16235 ==============
    
    Dino did not properly check the source of message carbons.
    
    https://nvd.nist.gov/vuln/detail/CVE-2019-16235
    
    Fixed in
    https://github.com/dino/dino/commit/e84f2c49567e86d2a261ea264d65c4adc5
    49c930
    
    CVE-2019-16236 ==========
    
    Dino did not check roster push authorization.
    
    https://nvd.nist.gov/vuln/detail/CVE-2019-16236
    
    Fixed in
    https://github.com/dino/dino/commit/dd33f5f949248d87d34f399e8846d5ee5b
    8823d9
    
    CVE-2019-16237 ==========
    
    Dinot did not properly check the source of MAM messages.
    
    https://nvd.nist.gov/vuln/detail/CVE-2019-16237
    
    Fixed in
    https://github.com/dino/dino/commit/307f16cc86dd2b95aa02ab8a85110e4a2d
    5e7363
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora update system website.
    Tenable has attempted to automatically clean and format it as much as
    possible without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bodhi.fedoraproject.org/updates/FEDORA-2019-0eb6d51f81"
      );
      # https://github.com/dino/dino/commit/307f16cc86dd2b95aa02ab8a85110e4a2d5e7363
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?ca66609b"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://github.com/dino/dino/compare/016ab2c1...a96c8014"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected dino package.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:dino");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:29");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/09/11");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/09/20");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/20");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! preg(pattern:"^29([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 29", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"FC29", reference:"dino-0.0-0.12.20190912.git.a96c801.fc29")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "dino");
    }
    
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-4306-1.NASL
    description: It was discovered that Dino incorrectly validated inputs. An attacker could use this issue to possibly obtain, inject or remove sensitive information. This update also includes a fix to the encryption implementation in Dino to support 12 byte IVs, in addition to 16 byte IVs. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-03-21
    modified: 2020-03-18
    plugin id: 134664
    published: 2020-03-18
    reporter: Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/134664
    title: Ubuntu 18.04 LTS : dino-im vulnerabilities (USN-4306-1)
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-4524.NASL
    description: Multiple vulnerabilities have been discovered in the Dino XMPP client, which could allow spoofing message, manipulation of a user
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 128884
    published: 2019-09-17
    reporter: This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/128884
    title: Debian DSA-4524-1 : dino-im - security update
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2019-2555C77F63.NASL
    description: Update dino to [a96c8014](https://github.com/dino/dino/compare/016ab2c1...a96c8014), which addresses three CVEs.
      CVE-2019-16235: Dino did not properly check the source of message carbons. https://nvd.nist.gov/vuln/detail/CVE-2019-16235 Fixed in https://github.com/dino/dino/commit/e84f2c49567e86d2a261ea264d65c4adc549c930
      CVE-2019-16236: Dino did not check roster push authorization. https://nvd.nist.gov/vuln/detail/CVE-2019-16236 Fixed in https://github.com/dino/dino/commit/dd33f5f949248d87d34f399e8846d5ee5b8823d9
      CVE-2019-16237: Dino did not properly check the source of MAM messages. https://nvd.nist.gov/vuln/detail/CVE-2019-16237 Fixed in https://github.com/dino/dino/commit/307f16cc86dd2b95aa02ab8a85110e4a2d5e7363
      Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 129610
    published: 2019-10-07
    reporter: This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/129610
    title: Fedora 31 : dino (2019-2555c77f63)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2019-3D3BB765CA.NASL
    description: Update dino to [a96c8014](https://github.com/dino/dino/compare/016ab2c1...a96c8014), which addresses three CVEs.
      CVE-2019-16235: Dino did not properly check the source of message carbons. https://nvd.nist.gov/vuln/detail/CVE-2019-16235 Fixed in https://github.com/dino/dino/commit/e84f2c49567e86d2a261ea264d65c4adc549c930
      CVE-2019-16236: Dino did not check roster push authorization. https://nvd.nist.gov/vuln/detail/CVE-2019-16236 Fixed in https://github.com/dino/dino/commit/dd33f5f949248d87d34f399e8846d5ee5b8823d9
      CVE-2019-16237: Dino did not properly check the source of MAM messages. https://nvd.nist.gov/vuln/detail/CVE-2019-16237 Fixed in https://github.com/dino/dino/commit/307f16cc86dd2b95aa02ab8a85110e4a2d5e7363
      Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 129079
    published: 2019-09-20
    reporter: This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/129079
    title: Fedora 30 : dino (2019-3d3bb765ca)