Lucene search
K

7 matches found

OpenVAS
OpenVAS
added 2014/05/05 12:0 a.m.22 views

Fedora Update for prosody FEDORA-2014-5586

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.5AI score0.03313EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2014/05/05 12:0 a.m.22 views

Fedora Update for prosody FEDORA-2014-5586

Check for the Version of prosody OpenVAS Vulnerability Test Fedora Update for prosody FEDORA-2014-5586 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

7.8CVSS0.4AI score0.03313EPSS
Exploits2References2
Debian
Debian
added 2014/04/20 11:42 p.m.28 views

[SECURITY] [DSA 2895-2] prosody regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-2895-2 [email protected] http://www.debian.org/security/ Luciano Bello April 21, 2014 http://www.debian.org/security/faq -...

7.8CVSS5.7AI score0.03313EPSS
Exploits2
OSV
OSV
added 2014/04/11 1:55 a.m.5 views

CVE-2014-2745

Prosody before 0.9.4 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service resource consumption via a crafted XMPP stream, aka an "xmppbomb" attack, related to core/portmanager.lua and util/xmppstream.lua...

6.3AI score
Exploits0References8
CVE
CVE
added 2014/04/11 1:0 a.m.71 views

CVE-2014-2745

Prosody before 0.9.4 is vulnerable to a denial-of-service via crafted XMPP streams that exploit improper handling of compressed XML elements (xmppbomb), related to core/portmanager.lua and util/xmppstream.lua. The issue can allow a remote attacker to exhaust resources on the server. Public adviso...

7.8CVSS6.4AI score0.03141EPSS
Exploits1References8Affected Software1
seebug.org
seebug.org
added 2014/04/11 12:0 a.m.42 views

Prosody XML解压缩拒绝服务漏洞

CVE ID:CVE-2014-2744、CVE-2014-2745 Prosody是一个用Lua语言编写的Jabber/XMPP服务器软件。 Prosody处理压缩流存在错误,允许攻击者通过XMPP流提交特制的XML消耗系统资源,造成拒绝服务攻击。 0 Prosody 0.x Prosody 0.9.4版本已修复该漏洞,建议用户下载使用: http://www.prosody.im...

7.8CVSS0.4AI score0.03313EPSS
Exploits2
Prion
Prion
added 2014/04/10 8:55 p.m.15 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-2744, CVE-2014-2745. Reason: This candidate is a duplicate of CVE-2014-2744 and/or CVE-2014-2745. Notes: All CVE users should reference CVE-2014-2744 and/or CVE-2014-2745 instead of this candidate. All references and...

6.6AI score0.03313EPSS
Exploits2
Rows per page
Query Builder