Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.802825
Kategorie:Denial of Service
Titel:Jabber Studio Jabberd Server SASL Negotiation Denial of Service Vulnerability
Zusammenfassung:This host is running Jabberd server and is prone to denial; of service vulnerability.
Beschreibung:Summary:
This host is running Jabberd server and is prone to denial
of service vulnerability.

Vulnerability Insight:
The flaw is caused due to an error within the handling of SASL negotiation.
This can be exploited to cause a crash by sending a 'response' stanza before
an 'auth' stanza.

Vulnerability Impact:
Successful exploitation may allow remote attackers to cause the application
to crash, creating a denial-of-service condition.

Affected Software/OS:
Jabber Studio jabberd Server version before 2.0s11

Solution:
Upgrade to Jabber Studio jabberd Server version 2.0s11 or later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: BugTraq ID: 17155
Common Vulnerability Exposure (CVE) ID: CVE-2006-1329
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
http://www.securityfocus.com/bid/17155
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://secunia.com/advisories/19281
http://www.vupen.com/english/advisories/2006/1009
XForce ISS Database: jabberd-sasl-dos(25334)
https://exchange.xforce.ibmcloud.com/vulnerabilities/25334
CopyrightCopyright (c) 2012 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.