Lucene search

[email protected]NVD:CVE-2004-1378

HistorySep 21, 2004 - 4:00 a.m.

CVE-2004-1378

2004-09-2104:00:00

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

High

0.073 Low

EPSS

Percentile

94.1%

JSON

The expat XML parser code, as used in the open source Jabber (jabberd) 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service (application crash) via a malformed packet to a socket that accepts XML connections.

Affected configurations

NVD

Node

jabberstudiojabberdMatch1.4

jabberstudiojabberdMatch1.4.1

jabberstudiojabberdMatch1.4.2

jabberstudiojabberdMatch1.4.2a

jabberstudiojabberdMatch1.4.3

jabberstudiojadc2sMatch0.6

jabberstudiojadc2sMatch0.7

jabberstudiojadc2sMatch0.8

jabberstudiojadc2sMatch0.9

References

devel.amessage.info/jabberd14/

mail.jabber.org/pipermail/jabberd/2004-September/002004.html

marc.info/?l=bugtraq&m=109583829122679&w=2

secunia.com/advisories/12636

securitytracker.com/id?1011383

securitytracker.com/id?1011384

www.gentoo.org/security/en/glsa/glsa-200409-31.xml

www.osvdb.org/10257

www.securityfocus.com/bid/11231

www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b612-000c6e8f12ef.html

exchange.xforce.ibmcloud.com/vulnerabilities/17466

exchange.xforce.ibmcloud.com/vulnerabilities/17467

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

AI Score

Confidence

High

0.073 Low

EPSS

Percentile

94.1%

JSON

Related for NVD:CVE-2004-1378

openvas4 cve1 nessus2 cvelist1 freebsd1 gentoo1