
7 matches found

SUSE CVE
added 2023/02/15 5:8 a.m. | 2 views

SUSE CVE-2016-1232

The mod_dialback module in Prosody before 0.9.9 does not properly generate random values for the secret token for server-to-server dialback authentication, which makes it easier for attackers to spoof servers via a brute force attack...

CVSS 7.5 | AI score 6.7 | EPSS 0.00708
Exploits: 0 | References: 2
Veracode
added 2021/05/14 10:22 p.m. | 19 views

Authentication Bypass

Prosody is vulnerable to authentication bypass. The undocumented dialback_without_dialback option in mod_dialback enables an experimental feature for server-to-server authentication. It does not correctly authenticate remote server certificates, allowing a remote server to impersonate another server...

CVSS 7.5 | AI score 5.4 | EPSS 0.00344
Exploits: 0 | References: 13 | Affected Software: 1
OSV
added 2021/05/13 4:15 p.m. | 1 views

DEBIAN-CVE-2021-32919

An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback option in mod_dialback enables an experimental feature for server-to-server authentication. It does not correctly authenticate remote server certificates, allowing a remote server to impersonate another serv...

CVSS 7.5 | AI score 7.4 | EPSS 0.00344
Exploits: 0 | References: 1
CNVD
added 2016/02/02 12:0 a.m. | 2 views

Unspecified vulnerability in Prosody mod_dialback module

Prosody is a suite of Jabber/XMPP communication server software written in Lua. mod_dialback is one of the authentication modules used for communication between local servers. A security vulnerability exists in the 'generate_dialback' function in the mod_dialback module in versions of Prosody prior ...

CVSS 5.3 | AI score 6.8 | EPSS 0.00681
Exploits: 0 | References: 1
CNVD
added 2016/01/15 12:0 a.m. | 1 views

Prosody mod_dialback module spoofing vulnerability

Prosody is a set of Jabber/XMPP communication server software written in Lua. Prosody's mod_dialback module fails to correctly generate random numbers for the server-to-server dialback authentication secret token, allowing remote attackers to spoof the server by performing a brute-force attack...

CVSS 7.5 | AI score 7.1 | EPSS 0.00708
Exploits: 0 | References: 1
OSV
added 2016/01/12 8:59 p.m. | 1 views

DEBIAN-CVE-2016-1232

The mod_dialback module in Prosody before 0.9.9 does not properly generate random values for the secret token for server-to-server dialback authentication, which makes it easier for attackers to spoof servers via a brute force attack...

CVSS 7.5 | AI score 7.1 | EPSS 0.00708
Exploits: 0 | References: 1
OSV
added 2016/01/12 8:59 p.m. | 5 views

CVE-2016-1232

The mod_dialback module in Prosody before 0.9.9 does not properly generate random values for the secret token for server-to-server dialback authentication, which makes it easier for attackers to spoof servers via a brute force attack...

CVSS 7.5 | AI score 7.2
Exploits: 0 | References: 7