12 matches found
EUVD-2017-2451
Malware in sbrugna...
EUVD-2011-1753
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-10807
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JabberD 2.x aka jabberd2 before 2.6.1 allows anyone to authenticate using SASL ANONYMOUS, even when the sasl.anonymous c2s.xml option is not enabled...
SUSE CVE-2006-1329
The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service ("c2s segfault") by sending a "response stanza before an auth stanza"...
UBUNTU-CVE-2017-10807
JabberD 2.x aka jabberd2 before 2.6.1 allows anyone to authenticate using SASL ANONYMOUS, even when the sasl.anonymous c2s.xml option is not enabled...
DEBIAN-CVE-2012-3525
s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (2) Authorization Response...
jabberd SASL DoS
The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service ("c2s segfault") by sending a "response stanza before an auth stanza"...
jabberd -- remote buffer overflow vulnerability
Caused by improper bounds-checking of username and password in the C2S module, it is possible for an attacker to cause a remote buffer overflow. The server directly handles the user input with SQL backend functions - malicious input may lead to buffer overflow...
Possible DoS attack against jabberd 1.4.3 and jadc2s 0.9.0
jabberd up to and including version 1.4.3 and jadc2s up to and including version 0.9.0 are vulnerable to a DoS attack reported by Jose Antonio Calvo yesterday on the jabberd mailing list: http://jabberstudio.org/pipermail/jabberd/2004-September/002004.html An attacker can crash a running...
jabberd 1.x: Denial of Service vulnerability
Background: Jabber is a set of streaming XML protocols enabling message, presence, and other structured information exchange between two hosts. jabberd is the original implementation of the Jabber protocol server. Description: Jose Antonio Calvo found a defect in routines handling XML parsing of...
GLSA-200409-31 : jabberd 1.x: Denial of Service vulnerability
The remote host is affected by the vulnerability described in GLSA-200409-31 jabberd 1.x: Denial of Service vulnerability Jose Antonio Calvo found a defect in routines handling XML parsing of incoming data. jabberd 1.x may crash upon reception of invalid data on any socket connection on which XML...
jabberd -- denial-of-service vulnerability
José Antonio Calvo discovered a bug in the Jabber 1.x server. According to Matthias Wimmer: Without this patch, it is possible to remotely crash jabberd14, if there is access to one of the following types of network sockets: Socket accepting client connections Socket accepting connections from oth...