Linux Distros Unpatched Vulnerability : CVE-2021-32920

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation requests. CVE-2021-32920 Note that Nessus relies on the presence ...

CVE-2024-25108 Insufficient authorization allowing elevated access to resources in pixelfed

Pixelfed is an open source photo sharing platform. When processing requests authorization was improperly and insufficiently checked, allowing attackers to access far more functionality than users intended, including to the administrative and moderator functionality of the Pixelfed server. This...

SUSE CVE-2021-32920

Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation requests...

CVE-2021-32918

An issue was discovered in Prosody before 0.11.9. Default settings are susceptible to remote unauthenticated denial-of-service DoS attacks via memory exhaustion when running under Lua 5.2 or Lua 5.3...

Prosodical Thoughts Prosody Information Disclosure Vulnerability

Prosodical Thoughts Prosody is an open source application of Prosodical Thoughts. A modern XMPP communication server. Prosodical Thoughts Prosody is vulnerable to an information disclosure vulnerability that originates in muc.lib.lua in Prosody versions 0.11.0 through 0.11.9, which can be exploit...

CVE-2021-37601

muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive information list of admins, members, owners, and banned entities of a Multi-User chat room in some common configurations...

Prosodical Thoughts Prosody 安全漏洞

Prosodical Thoughts Prosody is an open source application of Prosodical Thoughts. A modern XMPP communication server. Prosodical Thoughts Prosody is vulnerable to an information disclosure vulnerability that originates in muc.lib.lua in Prosody versions 0.11.0 through 0.11.9, which can be exploit...

Prosodical Thoughts Prosody Resource Management Error Vulnerability

Prosodical Thoughts Prosody is a Prosodical Thoughts open source application . A modern XMPP communication server . A security vulnerability exists in Prosody prior to version 0.11.9. An attacker could control CPU consumption through a large number of SSL/TLS renegotiation requests...

Prosŏdy IM: Multiple vulnerabilities

Background Prosŏdy IM is a modern XMPP communication server. It aims to be easy to set up and configure, and efficient with system resources. Description Multiple vulnerabilities have been discovered in Prosŏdy IM. Please review the CVE identifiers referenced below for details. Impact Please revi...

FreeBSD : Prosody -- multiple vulnerabilities (fc75570a-b417-11eb-a23d-c7ab331fd711)

The Prosody security advisory 2021-05-12 reports : This advisory details 5 new security vulnerabilities discovered in the Prosody.im XMPP server software. All issues are fixed in the 0.11.9 release default configuration. - CVE-2021-32918: DoS via insufficient memory consumption controls -...

DEBIAN-CVE-2021-32920

Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation requests...

CVE-2021-32920

Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation requests...

UBUNTU-CVE-2021-32919

An issue was discovered in Prosody before 0.11.9. The undocumented dialbackwithoutdialback option in moddialback enables an experimental feature for server-to-server authentication. It does not correctly authenticate remote server certificates, allowing a remote server to impersonate another serv...

UBUNTU-CVE-2021-32917

An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth...

CVE-2021-32918

An issue was discovered in Prosody before 0.11.9. Default settings are susceptible to remote unauthenticated denial-of-service DoS attacks via memory exhaustion when running under Lua 5.2 or Lua 5.3...

CVE-2021-32917

An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth...

Prosodical Thoughts Prosody 授权问题漏洞

Prosodical Thoughts Prosody is a Prosodical Thoughts open source application . A modern XMPP communication server. A security vulnerability exists in Prosody prior to version 0.11.9. A remote attacker could exploit the vulnerability to use the server's bandwidth indefinitely...

Prosodical Thoughts Prosody 信任管理问题漏洞

Prosodical Thoughts Prosody is a Prosodical Thoughts open source application . A modern XMPP communication server. A trust management issue vulnerability exists in Prosody prior to version 0.11.9. The vulnerability stems from the program not properly validating remote server certificates...

Prosodical Thoughts Prosody 安全漏洞

Prosodical Thoughts Prosody is a Prosodical Thoughts open source application . A modern XMPP communication server . A security vulnerability exists in Prosody prior to version 0.11.9. An attacker could control CPU consumption through a large number of SSL/TLS renegotiation requests...

Prosodical Thoughts Prosody 资源管理错误漏洞

Prosodical Thoughts Prosody is a Prosodical Thoughts open source application . A modern XMPP communication server. A security vulnerability exists in Prosody prior to version 0.11.9. A remote attacker could exploit the vulnerability to cause a denial of service to the program...