6 matches found
Fedora Update for smack FEDORA-2014-16383
Check the version of smack SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868607";...
CVE-2014-5075
The Ignite Realtime Smack XMPP API 4.x before 4.0.2, and 3.x and 2.x when a custom SSLContext is used, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof...
CVE-2014-5075
CVE-2014-5075 : The Ignite Realtime Smack XMPP API (4.x before 4.0.2; 3.x and 2.x when a custom SSLContext is used) does not verify that the SSL certificate’s CN or SAN matches the server hostname, enabling man-in-the-middle with an arbitrary valid certificate. This is a hostname verification fla...
Fedora Update for smack FEDORA-2014-9694
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 20 : smack-3.2.2-5.fc20 (2014-9694)
fix for CVE-2014-5075 rhbz1127277 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
CVE-2014-5075 MitM Vulnerability in the Smack XMPP Library for Java
CVE-2014-5075 MitM Vulnerability in the Smack XMPP Library for Java =================================================================== Smack http://www.igniterealtime.org/projects/smack/ is an Open Source XMPP Jabber client library for instant messaging and presence written in Java. Smack prior ...