This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:process-one:ejabberd:1.1.1 |
| Detail | |||
|---|---|---|---|
| Vendor | Process-One | First view | 2007-02-13 |
| Product | Ejabberd | Last view | 2013-10-17 |
| Version | 1.1.1 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:process-one:ejabberd | ||
Activity : Overall
Related : CVE
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 4.3 | 2013-10-17 | CVE-2013-6169 | Network | Medium | None Requ... | |
| 5 | 2011-06-20 | CVE-2011-1753 | Network | Low | None Requ... | |
| 5 | 2010-02-03 | CVE-2010-0305 | Network | Low | None Requ... | |
| 4.3 | 2009-03-17 | CVE-2009-0934 | Network | Medium | None Requ... | |
| 10 | 2007-02-13 | CVE-2007-0903 | Network | Low | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 25% (1) | CWE-399 | Resource Management Errors |
| 25% (1) | CWE-310 | Cryptographic Issues |
| 25% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 25% (1) | CWE-20 | Improper Input Validation |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:8184 | DSA-1774 ejabberd -- insufficient input sanitising |
| oval:org.mitre.oval:def:13304 | DSA-1774-1 ejabberd -- insufficient input sanitising |
| oval:org.mitre.oval:def:7590 | DSA-2033 ejabberd -- heap overflow |
| oval:org.mitre.oval:def:13558 | DSA-2033-1 ejabberd -- heap overflow |
| oval:org.mitre.oval:def:12946 | DSA-2248-1 ejabberd -- denial of service |
| id | Name |
|---|---|
| oval:org.mitre.oval:def:19415 | DSA-2775-1 ejabberd - insecure SSL usage |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 73170 | ejabberd Entity Expansion Recursion XML Nested Entity Handling DoS |
| 62066 | ejabberd ejabberd_c2s.erl c2s Message Saturation Remote DoS |
| 52714 | ejabberd MUC Logs Unspecified XSS |
| 33179 | ejabberd mod_roster_odbc Module Unspecified Issue |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-08-10 | Name : Gentoo Security Advisory GLSA 201206-10 (ejabberd) File : nvt/glsa_201206_10.nasl |
| 2011-08-03 | Name : Debian Security Advisory DSA 2248-1 (ejabberd) File : nvt/deb_2248_1.nasl |
| 2011-08-03 | Name : FreeBSD Ports: ejabberd File : nvt/freebsd_ejabberd1.nasl |
| 2011-07-12 | Name : Fedora Update for ejabberd FEDORA-2011-8415 File : nvt/gb_fedora_2011_8415_ejabberd_fc15.nasl |
| 2011-07-08 | Name : Fedora Update for ejabberd FEDORA-2011-8437 File : nvt/gb_fedora_2011_8437_ejabberd_fc14.nasl |
| id | Description |
|---|---|
| 2011-06-24 | Name : ejabberd XML Parsing Denial of Service Vulnerability (Windows) File : nvt/secpod_ejabberd_dos_vuln_win.nasl |
| 2010-04-21 | Name : FreeBSD Ports: ejabberd File : nvt/freebsd_ejabberd0.nasl |
| 2010-04-21 | Name : Debian Security Advisory DSA 2033-1 (ejabberd) File : nvt/deb_2033_1.nasl |
| 2010-02-08 | Name : ejabberd 'client2server' Message Remote Denial of Service Vulnerability File : nvt/ejabberd_38003.nasl |
| 2009-04-20 | Name : FreeBSD Ports: ejabberd File : nvt/freebsd_ejabberd.nasl |
| 2009-04-20 | Name : Debian Security Advisory DSA 1774-1 (ejabberd) File : nvt/deb_1774_1.nasl |
| 2009-03-20 | Name : Fedora Core 10 FEDORA-2009-2746 (ejabberd) File : nvt/fcore_2009_2746.nasl |
| 2009-03-20 | Name : Fedora Core 9 FEDORA-2009-2747 (ejabberd) File : nvt/fcore_2009_2747.nasl |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_ejabberd_20140731.nasl - Type : ACT_GATHER_INFO |
| 2014-01-19 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-005.nasl - Type : ACT_GATHER_INFO |
| 2013-10-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2775.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-0881.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-0882.nasl - Type : ACT_GATHER_INFO |
| id | Description |
|---|---|
| 2012-06-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201206-10.nasl - Type : ACT_GATHER_INFO |
| 2011-06-30 | Name : The remote Fedora host is missing a security update. File : fedora_2011-8415.nasl - Type : ACT_GATHER_INFO |
| 2011-06-30 | Name : The remote Fedora host is missing a security update. File : fedora_2011-8437.nasl - Type : ACT_GATHER_INFO |
| 2011-06-27 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_01d3ab7d9c4311e0bc0f0014a5e3cda6.nasl - Type : ACT_GATHER_INFO |
| 2011-06-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2248.nasl - Type : ACT_GATHER_INFO |
| 2010-04-20 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_a04a3c13493211df83fb0015587e2cc1.nasl - Type : ACT_GATHER_INFO |
| 2010-04-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2033.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-2746.nasl - Type : ACT_GATHER_INFO |
| 2009-04-21 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_cf91c1e42b6d11de931b00e0815b8da8.nasl - Type : ACT_GATHER_INFO |
| 2009-04-17 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1774.nasl - Type : ACT_GATHER_INFO |
| 2009-03-19 | Name : The remote Fedora host is missing a security update. File : fedora_2009-2747.nasl - Type : ACT_GATHER_INFO |
