Cisco Jabber and Webex Client Software Shared File Manipulation Vulnerability

A vulnerability in Cisco Jabber and Cisco Webex (formerly Teams) could allow an unauthenticated, remote attacker to manipulate file names within the messaging interface.

The vulnerability exists because the affected software mishandles character rendering. An attacker could exploit this vulnerability by sharing a file within the application interface. A successful exploit could allow the attacker to modify how the shared file name displays within the interface, which could allow the attacker to conduct phishing or spoofing attacks.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-teams-7ZMcXG99

Security Impact Rating: Medium

CVE: CVE-2021-1242


Cisco Jabber for Windows Protocol Handler Command Injection Vulnerability

A vulnerability in the application protocol handling features of Cisco Jabber for Windows could allow an unauthenticated, remote attacker to execute arbitrary commands.

The vulnerability is due to improper handling of input to the application protocol handlers. An attacker could exploit this vulnerability by convincing a user to click a link within a message sent by email or other messaging platform. A successful exploit could allow the attacker to execute arbitrary commands on a targeted system with the privileges of the user account that is running the Cisco Jabber client software.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-jabber-vY8M4KGB

Security Impact Rating: High

CVE: CVE-2020-3430


Cisco Jabber for Windows Message Handling Arbitrary Code Execution Vulnerability

A vulnerability in Cisco Jabber for Windows could allow an authenticated, remote attacker to execute arbitrary code.

The vulnerability is due to improper validation of message contents. An attacker could exploit this vulnerability by sending specially crafted Extensible Messaging and Presence Protocol (XMPP) messages to the affected software. A successful exploit could allow the attacker to cause the application to execute arbitrary programs on the targeted system with the privileges of the user account that is running the Cisco Jabber client software, possibly resulting in arbitrary code execution.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-jabber-UyTKCPGg

Security Impact Rating: Critical

CVE: CVE-2020-3495


Cisco Meeting Server Extensible Messaging and Presence Protocol Denial of Service Vulnerability

A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) feature of Cisco Meeting Server software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for users of XMPP conferencing applications. Other applications and processes are unaffected.

The vulnerability is due to improper input validation of XMPP packets. An attacker could exploit this vulnerability by sending crafted XMPP packets to an affected device. An exploit could allow the attacker to cause process crashes and a DoS condition for XMPP conferencing applications.

Cisco has released software updates that address the vulnerability described in this advisory. There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cms-xmpp-dos-ptfGUsBx

Security Impact Rating: Medium

CVE: CVE-2020-3160


Wyse ThinOS 8.6 Extends Smooth and Seamless Real-Time Communication on Dell’s Thin Clients



Companies all over the world are recognizing virtual desktop infrastructure (VDI) with thin clients as a prime solution for some of their most pressing endpoint security and client management challenges. But until recently, it wasn’t the ideal solution for users that conduct real-time audio and video conferences using popular services like Microsoft Skype and Cisco Jabber. With the launch of the latest version of our flagship thin client firmware platform, ThinOS 8.6, Wyse thin clients now offer additional exciting options for these enterprises, thanks to expanded support for high-quality unified communications products. How ThinOS 8.6 Enables …




7022173: OSAD clients not taking actions immediately after a migration or upgrade in SUSE Manager

On the SUSE Manager Server, the jabberd DB should be recreated:

# spacewalk-service stop

# rm -Rf /var/lib/jabberd/db/*

# spacewalk-service start

The same applies for the proxies:

# spacewalk-proxy stop

# rm -Rf /var/lib/jabberd/db/*

# spacewalk-proxy start

On the clients, the osad-auth.conf file should be deleted:

# rcosad stop

# rm -f /etc/sysconfig/rhn/osad-auth.conf

# rcosad start

This step can be automated through SUSE Manager, especially when there are several clients. The task will eventually be run after a maximum of 4 hours. It can also be forced by running the following on the client:

# rhn_check

However, this requires logging into every client.


7015878: jabberd initialization fails with "db: couldn't open environment: Resource temporarily unavailable"

This document (7015878) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Manager 3.0

SUSE Manager 2.1

SUSE Manager 1.7

Situation

When jabberd attempts to start, the following errors can be seen in /var/log/messages and jabberd fails to load:

Nov 11 10:05:12 suma1 jabberd/sm[7216]: db: couldn't open environment: Resource temporarily unavailable

Nov 11 10:05:12 suma1 jabberd/sm[7216]: initialisation of storage driver 'db' failed

Nov 11 10:05:12 suma1 jabberd/sm[7216]: failed to initialise one or more storage drivers, aborting

Nov 11 10:05:14 suma1 jabberd/c2s[7233]: db: couldn't open environment: Resource temporarily unavailable

Nov 11 10:05:14 suma1 jabberd/c2s[7233]: failed to initialize auth module 'db'

Resolution

This issue is caused by a corrupted jabberd database, which can be fixed by doing the following:

rcosa-dispatcher stop

rcjabberd stop

cd /var/lib/jabberd/db

rm *

rcjabberd start

rcosa-dispatcher start

After removing the database jabberd should start without issue.
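Both 7022173 and 7015878 above come down to the same operation: stop the services that hold the jabberd Berkeley DB open, empty /var/lib/jabberd/db, and start them again. The script below is an added example, not part of either SUSE article, that wraps that operation in a function with a guard against wiping the wrong directory, and adds a check for the 7015878 log signature so the repair can be driven from the error rather than run blindly. The stop and start commands are parameters because the Server uses spacewalk-service, proxies use spacewalk-proxy and the standalone case uses rcosa-dispatcher/rcjabberd; the function names, the directory guard and the sample log line in the comments are my own choices, not SUSE's.

```shell
#!/bin/sh
# Added example: recreate the jabberd DB as described in SUSE TIDs 7022173 and
# 7015878. Function names and the path guard are this example's own choices.

# jabberd_db_error_present LOGFILE
# Returns 0 when LOGFILE contains the storage-driver failure from 7015878,
# e.g. "jabberd/sm[7216]: db: couldn't open environment: Resource temporarily unavailable".
# jabberd writes a plain ASCII apostrophe, so the pattern uses one too.
jabberd_db_error_present() {
    logfile=$1
    grep -q "jabberd/.*db: couldn't open environment" "$logfile"
}

# recreate_jabberd_db DBDIR STOP_CMD START_CMD
#   DBDIR     the jabberd db directory, normally /var/lib/jabberd/db
#   STOP_CMD  shell command that stops the services using the DB
#   START_CMD shell command that starts them again
# Examples of STOP_CMD/START_CMD pairs from the two articles:
#   "spacewalk-service stop"                    / "spacewalk-service start"
#   "spacewalk-proxy stop"                      / "spacewalk-proxy start"
#   "rcosa-dispatcher stop && rcjabberd stop"   / "rcjabberd start && rcosa-dispatcher start"
recreate_jabberd_db() {
    dbdir=$1; stop_cmd=$2; start_cmd=$3

    # The removal below is unconditional, so refuse any path that is not a
    # jabberd db directory instead of trusting the caller.
    case "$dbdir" in
        */jabberd/db) ;;
        *) echo "refusing to wipe $dbdir: not a jabberd db directory" >&2; return 2 ;;
    esac
    [ -d "$dbdir" ] || { echo "$dbdir does not exist" >&2; return 2; }

    # Stop first: removing Berkeley DB files under a running sm/c2s is what
    # leaves the stale __db.* environment files behind in the first place.
    sh -c "$stop_cmd" || { echo "stop command failed, DB left untouched" >&2; return 1; }

    # Remove every entry (including dotfiles such as __db.001) but keep the
    # directory itself, so jabberd can recreate a fresh environment in it.
    find "$dbdir" -mindepth 1 -maxdepth 1 -exec rm -rf {} +

    sh -c "$start_cmd" || { echo "start command failed after DB reset" >&2; return 1; }
    return 0
}

# jabberd_db_file_count DBDIR
# Prints the number of entries left under DBDIR; 0 right after a reset.
jabberd_db_file_count() {
    find "$1" -mindepth 1 | wc -l | tr -d ' '
}

# Typical use on a SUSE Manager Server, gated on the 7015878 signature:
#   if jabberd_db_error_present /var/log/messages; then
#       recreate_jabberd_db /var/lib/jabberd/db "spacewalk-service stop" "spacewalk-service start"
#   fi
```

Running the reset only when the log signature is present keeps the script safe to schedule, and the path guard means a typo in DBDIR exits with status 2 before anything is stopped or deleted. On the clients, the osad-auth.conf removal from 7022173 is a separate, simpler step and is left to rhn_check as the article describes.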

Cause

jabberd database corruption can occur for many reasons; the most common cause is taskomatic running out of memory (see the following TID: https://www.suse.com/support/kb/doc.php?id=7012598 ).

Additional Information

Note: This document is valid for SUSE Manager 1.7, 2.1 and 3.0 _only_!

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented “AS IS” WITHOUT WARRANTY OF ANY KIND.
