7 matches found
CVE-2020-8086
The modauthldap and modauthldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the isadmin function. This grants remote entities admin-only functionality if their username matches the username of a local admin...
Debian DSA-4612-1 : prosody-modules - security update
It was discovered that the LDAP authentication modules for the Prosody Jabber/XMPP server incorrectly validated the XMPP address when checking whether a user has admin access. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Securi...
[SECURITY] [DSA 4612-1] prosody-modules security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4612-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 31, 2020 https://www.debian.org/security/faq -...
CVE-2020-8086
The modauthldap and modauthldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the isadmin function. This grants remote entities admin-only functionality if their username matches the username of a local admin...
CVE-2020-8086
The modauthldap and modauthldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the isadmin function. This grants remote entities admin-only functionality if their username matches the username of a local admin...
CVE-2020-8086
The modauthldap and modauthldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the isadmin function. This grants remote entities admin-only functionality if their username matches the username of a local admin...
CVE-2020-8086
The CVE-2020-8086 issue affects Prosody via the mod_auth_ldap and mod_auth_ldap2 Community Modules, where the XMPP address argument to is_admin() is not fully verified. This can allow remote entities to gain admin-only privileges if their username matches a local admin’s username. Public document...