Lucene search
K

6 matches found

OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.15 views

Mageia: Security Advisory (MGASA-2014-0417)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.5AI score0.01314EPSS
Exploits0References5
Debian
Debian
added 2017/04/01 7:52 p.m.16 views

[SECURITY] [DLA 881-1] ejabberd security update

Package : ejabberd Version : 2.1.10-4+deb7u2 CVE ID : CVE-2014-8760 Debian Bug : 767521 767535 It was found that ejabberd does not enforce the starttlsrequired setting when compression is used, which causes clients to establish connections without encryption. For Debian 7 "Wheezy", this problem h...

5CVSS5.7AI score0.01314EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/03/31 12:0 a.m.20 views

Mandriva Linux Security Advisory : ejabberd (MDVSA-2015:175)

Updated ejabberd packages fix security vulnerability : A flaw was discovered in ejabberd that allows clients to connect with an unencrypted connection even if starttlsrequired is set CVE-2014-8760. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...

5CVSS5.4AI score0.01314EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/10/27 12:0 a.m.28 views

Mandriva Linux Security Advisory : ejabberd (MDVSA-2014:207)

Updated ejabberd packages fix security vulnerability : A flaw was discovered in ejabberd that allows clients to connect with an unencrypted connection even if starttlsrequired is set CVE-2014-8760. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...

5CVSS5.4AI score0.01314EPSS
Exploits0References2
OSV
OSV
added 2014/10/25 12:55 a.m.1 views

DEBIAN-CVE-2014-8760

ejabberd before 2.1.13 does not enforce the starttlsrequired setting when compression is used, which causes clients to establish connections without encryption...

5CVSS6.9AI score0.01314EPSS
Exploits0References1
CVE
CVE
added 2014/10/25 12:0 a.m.43 views

CVE-2014-8760

CVE-2014-8760 affects ejabberd prior to 2.1.13, where the starttls_required setting is not enforced when compression is used, allowing connections to be established without encryption. Public disclosures/ advisories (Debian DLA-881-1, Mandriva MDVSA entries, Mageia advisory) document the issue an...

5CVSS6.3AI score0.01314EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder