13 matches found
Fedora 23 : prosody-0.9.9-2.fc23 (2016-38e48069f8)
Prosody 0.9.9 ============= A summary of changes: Security fixes -------------- Fix path traversal vulnerability in modhttpfiles CVE-2016-1231 Fix use of weak PRNG in generation of dialback secrets CVE-2016-1232 Bugs ---- Improve handling of CNAME records in DNS Fix traceback when deleting a user...
Fedora 22 : prosody-0.9.9-2.fc22 (2016-e289f41b76)
Prosody 0.9.9 ============= A summary of changes: Security fixes -------------- Fix path traversal vulnerability in modhttpfiles CVE-2016-1231 Fix use of weak PRNG in generation of dialback secrets CVE-2016-1232 Bugs ---- Improve handling of CNAME records in DNS Fix traceback when deleting a user...
prosody: Security update (2 CVEs)
The prosody package has been rebuilt and was uploaded to the Chaos Calmer 15.05 repository due to multiple security issues. VERSION 0.9.8-1 = 0.9.9-1 CHANGELOG Mon, 25 Jan 2016 13:31:29 +0100 bb23089 fixes: path traversal vulnerability in modhttpfiles CVE-2016-1231 use of weak PRNG in generation ...
prosody: Security update (2 CVEs)
The prosody package has been rebuilt and was uploaded to the Chaos Calmer 15.05 repository due to multiple security issues. VERSION 0.9.8-1 = 0.9.9-1 CHANGELOG Mon, 25 Jan 2016 13:31:29 +0100 bb23089 fixes: path traversal vulnerability in modhttpfiles CVE-2016-1231 use of weak PRNG in generation ...
Fedora Update for prosody FEDORA-2016-38
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : prosody -- multiple vulnerabilities (842cd117-ba54-11e5-9728-002590263bf5)
The Prosody Team reports : Fix path traversal vulnerability in modhttpfiles CVE-2016-1231 Fix use of weak PRNG in generation of dialback secrets CVE-2016-1232 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBS...
CVE-2016-1231
Directory traversal vulnerability in the HTTP file-serving module modhttpfiles in Prosody 0.9.x before 0.9.9 allows remote attackers to read arbitrary files via a .. dot dot in an unspecified path...
CVE-2016-1231
Prosody 0.9.x contains a directory traversal vulnerability in the HTTP file-serving module (mod_http_files) that allows remote attackers to read arbitrary files via a .. path. The issue affects versions before 0.9.9. Impact is Confidentiality with partial exposure as described in CVE-2016-1231; n...
Debian DSA-3439-1 : prosody - security update
Two vulnerabilities were discovered in Prosody, a lightweight Jabber/XMPP server. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2016-1231 Kim Alvefur discovered a flaw in Prosody's HTTP file-serving module that allows it to serve requests outside of the...
[SECURITY] [DSA 3439-1] prosody security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3439-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 10, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3439-1] prosody security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3439-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 10, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3439-1 (prosody - security update)
Two vulnerabilities were discovered in Prosody, a lightweight Jabber/XMPP server. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2016-1231 Kim Alvefur discovered a flaw in Prosody OpenVAS Vulnerability Test $Id: deb3439.nasl 6608 2017-07-07 12:05:05Z cfische...
prosody -- multiple vulnerabilities
The Prosody Team reports: Fix path traversal vulnerability in modhttpfiles CVE-2016-1231 Fix use of weak PRNG in generation of dialback secrets CVE-2016-1232...