Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:11 p.m.8 views

CVE-2020-8086

The modauthldap and modauthldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the isadmin function. This grants remote entities admin-only functionality if their username matches the username of a local admin...

9.8CVSS6.7AI score0.01564EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/02/03 12:0 a.m.27 views

Debian DSA-4612-1 : prosody-modules - security update

It was discovered that the LDAP authentication modules for the Prosody Jabber/XMPP server incorrectly validated the XMPP address when checking whether a user has admin access. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Securi...

9.8CVSS8.2AI score0.01564EPSS
Exploits0References3
Debian
Debian
added 2020/01/31 9:55 p.m.151 views

[SECURITY] [DSA 4612-1] prosody-modules security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4612-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 31, 2020 https://www.debian.org/security/faq -...

9.8CVSS9.7AI score0.01564EPSS
Exploits0
OSV
OSV
added 2020/01/28 5:15 p.m.8 views

CVE-2020-8086

The modauthldap and modauthldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the isadmin function. This grants remote entities admin-only functionality if their username matches the username of a local admin...

9.8CVSS9.2AI score
Exploits0References5
UbuntuCve
UbuntuCve
added 2020/01/28 5:15 p.m.22 views

CVE-2020-8086

The modauthldap and modauthldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the isadmin function. This grants remote entities admin-only functionality if their username matches the username of a local admin...

9.8CVSS7.2AI score0.01564EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2020/01/28 4:15 p.m.41 views

CVE-2020-8086

The modauthldap and modauthldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the isadmin function. This grants remote entities admin-only functionality if their username matches the username of a local admin...

9.8CVSS9.3AI score0.01564EPSS
Exploits0
CVE
CVE
added 2020/01/28 4:15 p.m.72 views

CVE-2020-8086

The CVE-2020-8086 issue affects Prosody via the mod_auth_ldap and mod_auth_ldap2 Community Modules, where the XMPP address argument to is_admin() is not fully verified. This can allow remote entities to gain admin-only privileges if their username matches a local admin’s username. Public document...

9.8CVSS9.1AI score0.01564EPSS
Exploits0References5Affected Software2
Rows per page
Query Builder