34 matches found
The vulnerability of the proxy65 component of the Jabber/XMPP Prosody server, related to the absence of an authentication mechanism, allows attackers to trigger a service failure.
The vulnerability of the proxy65 component of the Jabber/XMPP Prosody server lies in the fact that it is configured with open access by default. Exploiting this vulnerability allows a remote attacker to cause a service failure...
[SECURITY] [DLA 2687-1] prosody security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2687-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky June 15, 2021 https://wiki.debian.org/LTS -...
Security update for prosody (important)
openSUSE Security Update: Security update for prosody Announcement ID: openSUSE-SU-2021:0751-1 Rating: important References: 1186027 Cross-References: CVE-2021-32917 CVE-2021-32918 CVE-2021-32919 CVE-2021-32920 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes four...
Security update for prosody (important)
openSUSE Security Update: Security update for prosody Announcement ID: openSUSE-SU-2021:0728-1 Rating: important References: 1186027 Cross-References: CVE-2021-32917 CVE-2021-32918 CVE-2021-32919 CVE-2021-32920 Affected Products: openSUSE Leap 15.2 An update that fixes four vulnerabilities is now...
CVE-2021-32917
An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth...
DEBIAN-CVE-2021-32917
An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth...
CVE-2021-32917
An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth...
CVE-2021-32917
An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth...
Improper access control
An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth...
UBUNTU-CVE-2021-32917
An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth...
CVE-2021-32917
Prosody (before 0.11.9) is affected by CVE-2021-32917 due to the proxy65 component allowing open access by default, enabling unrestricted use of the server’s bandwidth when mod_proxy65 is enabled. The issue arises even if no local XMPP accounts exist, exposing potential abuse of resources. Public...
CVE-2021-32917
An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth...
CVE-2021-32917
An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth...
PT-2021-4054 · Prosody +2 · Prosody +2
Name of the Vulnerable Software and Affected Versions: Prosody versions prior to 0.11.9 Description: The issue is related to the proxy65 component of the Prosody server for Jabber/XMPP, which allows open access by default. This can be exploited by a remote attacker to cause a denial of service,...