5

CVE-2006-1329

The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service ("c2s segfault") by sending a "response stanza before an auth stanza".
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
JabberstudioJabberd Version <= 2.0_s10
JabberstudioJabberd Version2.0_a1
JabberstudioJabberd Version2.0_a2
JabberstudioJabberd Version2.0_a3
JabberstudioJabberd Version2.0_a4
JabberstudioJabberd Version2.0_a5
JabberstudioJabberd Version2.0_a6
JabberstudioJabberd Version2.0_b1
JabberstudioJabberd Version2.0_b2
JabberstudioJabberd Version2.0_b3
JabberstudioJabberd Version2.0_rc1
JabberstudioJabberd Version2.0_rc2
JabberstudioJabberd Version2.0_s1
JabberstudioJabberd Version2.0_s2
JabberstudioJabberd Version2.0_s3
JabberstudioJabberd Version2.0_s4
JabberstudioJabberd Version2.0_s5
JabberstudioJabberd Version2.0_s6
JabberstudioJabberd Version2.0_s7
JabberstudioJabberd Version2.0_s8
JabberstudioJabberd Version2.0_s9
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.83% 0.848
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.redhat.com/support/errata/RHSA-2008-0261.html
http://article.gmane.org/gmane.network.jabber.admin/27372
Patch
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
http://secunia.com/advisories/19281
Vendor Advisory
http://support.apple.com/kb/HT4077
http://www.securityfocus.com/bid/17155
http://www.vupen.com/english/advisories/2006/1009
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/25334