CVE-2021-32919

An issue was discovered in Prosody before 0.11.9. The undocumented dialbackwithoutdialback option in moddialback enables an experimental feature for server-to-server authentication. It does not correctly authenticate remote server certificates, allowing a remote server to impersonate another serv...

CVE-2016-1232

The moddialback module in Prosody before 0.9.9 does not properly generate random values for the secret token for server-to-server dialback authentication, which makes it easier for attackers to spoof servers via a brute force attack...

Debian DSA-3439-1 : prosody - security update

Two vulnerabilities were discovered in Prosody, a lightweight Jabber/XMPP server. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2016-1231 Kim Alvefur discovered a flaw in Prosody's HTTP file-serving module that allows it to serve requests outside of the...

DSA-3439-1 prosody - security update

Bulletin has no description...

Debian Security Advisory DSA 3439-1 (prosody - security update)

Two vulnerabilities were discovered in Prosody, a lightweight Jabber/XMPP server. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2016-1231 Kim Alvefur discovered a flaw in Prosody OpenVAS Vulnerability Test $Id: deb3439.nasl 6608 2017-07-07 12:05:05Z cfische...