SUSE CVE-2016-1231

Directory traversal vulnerability in the HTTP file-serving module modhttpfiles in Prosody 0.9.x before 0.9.9 allows remote attackers to read arbitrary files via a .. dot dot in an unspecified path...

Fedora 33 : prosody (2020-9f354ec1ad)

Prosody 0.11.7 ============== This is a security release for the 0.11.x stable branch. It is strongly recommended that all users upgrade to this release, especially those whose deployments have enabled modwebsocket. As well as upgrading, we recommend all public deployments to review and configure...

Fedora 23 : prosody-0.9.9-2.fc23 (2016-38e48069f8)

Prosody 0.9.9 ============= A summary of changes: Security fixes -------------- Fix path traversal vulnerability in modhttpfiles CVE-2016-1231 Fix use of weak PRNG in generation of dialback secrets CVE-2016-1232 Bugs ---- Improve handling of CNAME records in DNS Fix traceback when deleting a user...

FreeBSD : prosody -- multiple vulnerabilities (842cd117-ba54-11e5-9728-002590263bf5)

The Prosody Team reports : Fix path traversal vulnerability in modhttpfiles CVE-2016-1231 Fix use of weak PRNG in generation of dialback secrets CVE-2016-1232 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBS...

DEBIAN-CVE-2016-1231

Directory traversal vulnerability in the HTTP file-serving module modhttpfiles in Prosody 0.9.x before 0.9.9 allows remote attackers to read arbitrary files via a .. dot dot in an unspecified path...

CVE-2016-1231

Prosody 0.9.x contains a directory traversal vulnerability in the HTTP file-serving module (mod_http_files) that allows remote attackers to read arbitrary files via a .. path. The issue affects versions before 0.9.9. Impact is Confidentiality with partial exposure as described in CVE-2016-1231; n...