Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.28 views

Fedora 23 : prosody-0.9.9-2.fc23 (2016-38e48069f8)

Prosody 0.9.9 ============= A summary of changes: Security fixes -------------- Fix path traversal vulnerability in modhttpfiles CVE-2016-1231 Fix use of weak PRNG in generation of dialback secrets CVE-2016-1232 Bugs ---- Improve handling of CNAME records in DNS Fix traceback when deleting a user...

7.5CVSS6.6AI score0.02867EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.26 views

Fedora 22 : prosody-0.9.9-2.fc22 (2016-e289f41b76)

Prosody 0.9.9 ============= A summary of changes: Security fixes -------------- Fix path traversal vulnerability in modhttpfiles CVE-2016-1231 Fix use of weak PRNG in generation of dialback secrets CVE-2016-1232 Bugs ---- Improve handling of CNAME records in DNS Fix traceback when deleting a user...

7.5CVSS6.6AI score0.02867EPSS
Exploits0References5
OpenWrt
OpenWrt
added 2016/01/28 12:25 p.m.657 views

prosody: Security update (2 CVEs)

The prosody package has been rebuilt and was uploaded to the Chaos Calmer 15.05 repository due to multiple security issues. VERSION 0.9.8-1 = 0.9.9-1 CHANGELOG Mon, 25 Jan 2016 13:31:29 +0100 bb23089 fixes: path traversal vulnerability in modhttpfiles CVE-2016-1231 use of weak PRNG in generation ...

6.4CVSS3.9AI score0.07806EPSS
Exploits1References3
OpenWrt
OpenWrt
added 2016/01/28 12:23 p.m.652 views

prosody: Security update (2 CVEs)

The prosody package has been rebuilt and was uploaded to the Chaos Calmer 15.05 repository due to multiple security issues. VERSION 0.9.8-1 = 0.9.9-1 CHANGELOG Mon, 25 Jan 2016 13:31:29 +0100 bb23089 fixes: path traversal vulnerability in modhttpfiles CVE-2016-1231 use of weak PRNG in generation ...

5CVSS3.9AI score0.02867EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2016/01/21 12:0 a.m.35 views

Fedora Update for prosody FEDORA-2016-38

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.3AI score0.02867EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/01/14 12:0 a.m.38 views

FreeBSD : prosody -- multiple vulnerabilities (842cd117-ba54-11e5-9728-002590263bf5)

The Prosody Team reports : Fix path traversal vulnerability in modhttpfiles CVE-2016-1231 Fix use of weak PRNG in generation of dialback secrets CVE-2016-1232 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBS...

7.5CVSS6.6AI score0.02867EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2016/01/12 8:0 p.m.27 views

CVE-2016-1231

Directory traversal vulnerability in the HTTP file-serving module modhttpfiles in Prosody 0.9.x before 0.9.9 allows remote attackers to read arbitrary files via a .. dot dot in an unspecified path...

5.9CVSS6.4AI score0.02867EPSS
Exploits0
CVE
CVE
added 2016/01/12 8:0 p.m.76 views

CVE-2016-1231

Prosody 0.9.x contains a directory traversal vulnerability in the HTTP file-serving module (mod_http_files) that allows remote attackers to read arbitrary files via a .. path. The issue affects versions before 0.9.9. Impact is Confidentiality with partial exposure as described in CVE-2016-1231; n...

5.9CVSS6.3AI score0.02867EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/01/11 12:0 a.m.35 views

Debian DSA-3439-1 : prosody - security update

Two vulnerabilities were discovered in Prosody, a lightweight Jabber/XMPP server. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2016-1231 Kim Alvefur discovered a flaw in Prosody's HTTP file-serving module that allows it to serve requests outside of the...

7.5CVSS6.6AI score0.02867EPSS
Exploits0References7
Debian
Debian
added 2016/01/10 10:7 a.m.29 views

[SECURITY] [DSA 3439-1] prosody security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3439-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 10, 2016 https://www.debian.org/security/faq -...

7.5CVSS7.5AI score0.02867EPSS
Exploits0
Debian
Debian
added 2016/01/10 10:7 a.m.28 views

[SECURITY] [DSA 3439-1] prosody security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3439-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 10, 2016 https://www.debian.org/security/faq -...

5CVSS1.2AI score0.02867EPSS
Exploits0
OpenVAS
OpenVAS
added 2016/01/10 12:0 a.m.30 views

Debian Security Advisory DSA 3439-1 (prosody - security update)

Two vulnerabilities were discovered in Prosody, a lightweight Jabber/XMPP server. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2016-1231 Kim Alvefur discovered a flaw in Prosody OpenVAS Vulnerability Test $Id: deb3439.nasl 6608 2017-07-07 12:05:05Z cfische...

5CVSS0.02867EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2016/01/08 12:0 a.m.39 views

prosody -- multiple vulnerabilities

The Prosody Team reports: Fix path traversal vulnerability in modhttpfiles CVE-2016-1231 Fix use of weak PRNG in generation of dialback secrets CVE-2016-1232...

7.5CVSS6.4AI score0.02867EPSS
Exploits0References1
Rows per page
Query Builder