3 matches found
GLSA-201406-35 : Openfire: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201406-35 Openfire: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Openfire. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly cause a Denial of...
CVE-2009-1596
Ignite Realtime Openfire before 3.6.5 does not properly implement the register.password aka canChangePassword console configuration setting, which allows remote authenticated users to bypass intended policy and change their own passwords via a passwdchange IQ packet...
CVE-2009-1596
CVE-2009-1596 affects Ignite Realtime Openfire prior to 3.6.5. The register.password (canChangePassword) console setting is not properly enforced, allowing remote authenticated users to bypass the intended policy and change their own passwords via a passwd_change IQ packet. The vulnerability enab...