Lucene search
MitreCVELIST:CVE-2014-8760HistoryOct 25, 2014 - 12:00 a.m.
CVE-2014-8760
2014-10-2500:00:00
mitre
www.cve.org
ejabberd before 2.1.13 does not enforce the starttls_required setting when compression is used, which causes clients to establish connections without encryption.
References
advisories.mageia.org/MGASA-2014-0417.html
mail.jabber.org/pipermail/operators/2014-October/002438.html
seclists.org/oss-sec/2014/q4/312
www.mandriva.com/security/advisories?name=MDVSA-2014:207
www.mandriva.com/security/advisories?name=MDVSA-2015:175
www.securityfocus.com/bid/70415
bugzilla.redhat.com/show_bug.cgi?id=1153839
github.com/processone/ejabberd/commit/7bdc1151b
Related
openvas
openvas
Debian: Security Advisory (DLA-881-1)
2018-01-16 00:00:00
Mageia: Security Advisory (MGASA-2014-0417)
2022-01-28 00:00:00
nessus
nessus
Debian DLA-881-1 : ejabberd security update
2017-04-03 00:00:00
Mandriva Linux Security Advisory : ejabberd (MDVSA-2015:175)
2015-03-31 00:00:00
Mandriva Linux Security Advisory : ejabberd (MDVSA-2014:207)
2014-10-27 00:00:00
prion
prion
Design/Logic Flaw
2014-10-25 00:55:00
osv
osv
ejabberd - security update
2017-04-01 00:00:00
cve
cve
CVE-2014-8760
2014-10-25 00:55:05
archlinux
archlinux
ejabberd: circumvention of encryption
2014-10-27 00:00:00
ubuntucve
ubuntucve
CVE-2014-8760
2014-10-25 00:00:00
securityvulns
securityvulns
[ MDVSA-2014:207 ] ejabberd
2014-10-27 00:00:00
ejabberd protection bypass
2014-10-27 00:00:00
nvd
nvd
CVE-2014-8760
2014-10-25 00:55:05
debian
debian
[SECURITY] [DLA 881-1] ejabberd security update
2017-04-01 19:52:39
mageia
mageia
Updated ejabberd packages fix security vulnerability
2014-10-23 17:27:57
debiancve
debiancve
CVE-2014-8760
2014-10-25 00:55:05