Lucene search
K

13 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.12 views

Mageia: Security Advisory (MGASA-2013-0170)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.5AI score0.02027EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.27 views

openSUSE Security Update : telepathy-gabble (openSUSE-SU-2013:1013-1)

This update of telepathy-gabble fixes a TLS bypass problem. Changes in telepathy-gabble : - Add telepathy-gabble-cve-2013-1431.patch bnc822586. This makes it respect the TLS-required flag on legacy Jabber servers. Identified as CVE-2013-1431. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. T...

6.8CVSS5.3AI score0.02027EPSS
Exploits0References3
CVE
CVE
added 2013/09/23 8:0 p.m.70 views

CVE-2013-1431

CVE-2013-1431 affects the Wocky submodule in telepathy-gabble (Gabble) prior to 0.16.6 and 0.17.x prior to 0.17.4 when connecting to legacy Jabber servers. The flaw allows bypassing WockyConnector:tls-required and TLS verification, enabling MITM attacks. Fixes are provided in patches and updated ...

6.8CVSS6.3AI score0.02027EPSS
Exploits0References5Affected Software1
securityvulns
securityvulns
added 2013/06/17 12:0 a.m.36 views

[SECURITY] [DSA 2702-1] telepathy-gabble security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2702-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso June 03, 2013 http://www.debian.org/security/faq -...

6.8CVSS1.4AI score0.02027EPSS
Exploits0
OpenVAS
OpenVAS
added 2013/06/13 12:0 a.m.18 views

Ubuntu Update for telepathy-gabble USN-1873-1

Check for the Version of telepathy-gabble OpenVAS Vulnerability Test $Id: gbubuntuUSN18731.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for telepathy-gabble USN-1873-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This progra...

6.8CVSS6.3AI score0.02448EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/06/13 12:0 a.m.19 views

Ubuntu 12.04 LTS / 12.10 / 13.04 : telepathy-gabble vulnerabilities (USN-1873-1)

Maksim Otstavnov discovered that telepathy-gabble incorrectly handled TLS when connecting to legacy jabber servers. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. CVE-2013-1431 It was discovered that telepathy-gabb...

6.8CVSS5.5AI score0.02448EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2013/06/13 12:0 a.m.18 views

Ubuntu: Security Advisory (USN-1873-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.5AI score0.02448EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/06/10 12:0 a.m.20 views

Fedora Update for telepathy-gabble FEDORA-2013-9794

Check for the Version of telepathy-gabble OpenVAS Vulnerability Test Fedora Update for telepathy-gabble FEDORA-2013-9794 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modi...

6.8CVSS6.4AI score0.02027EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/06/10 12:0 a.m.15 views

Fedora Update for telepathy-gabble FEDORA-2013-9794

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.5AI score0.02027EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/06/06 12:0 a.m.18 views

FreeBSD : telepathy-gabble -- TLS verification bypass (a3c2dee5-cdb9-11e2-b9ce-080027019be0)

"Simon McVittie reports : This release fixes a man-in-the-middle attack. If you use an unencrypted connection to a 'legacy Jabber' pre-XMPP server, this version of Gabble will not connect until you make one of these configuration changes : . upgrade the server software to something that supports...

6.8CVSS5.4AI score0.02027EPSS
Exploits0References3
Debian
Debian
added 2013/06/03 6:40 p.m.24 views

[SECURITY] [DSA 2702-1] telepathy-gabble security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2702-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso June 03, 2013 http://www.debian.org/security/faq -...

6.8CVSS5.6AI score0.02027EPSS
Exploits0
OpenVAS
OpenVAS
added 2013/06/03 12:0 a.m.23 views

Debian Security Advisory DSA 2702-1 (telepathy-gabble - TLS verification bypass)

Maksim Otstavnov discovered that the Wocky submodule used by telepathy-gabble, the Jabber/XMPP connection manager for the Telepathy framework, does not respect the tls-required flag on legacy Jabber servers. A network intermediary could use this vulnerability to bypass TLS verification and perfor...

6.8CVSS6.1AI score0.02027EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2013/05/30 12:0 a.m.18 views

CVE-2013-1431

The Wocky module in Telepathy Gabble before 0.16.6 and 0.17.x before 0.17.4, when connecting to a "legacy Jabber server," does not properly enforce the WockyConnector:tls-required flag, which allows remote attackers to bypass TLS verification and perform a man-in-the-middle attacks...

6.8CVSS5.9AI score0.02027EPSS
Exploits0References4
Rows per page
Query Builder