This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
Summuary | |
---|---|
CPE Name | cpe:/a:process-one:ejabberd:1.1.1 |
Detail | |||
---|---|---|---|
Vendor | Process-One | First view | 2006-05-05 |
Product | Ejabberd | Last view | 2014-10-24 |
Version | 1.1.1 | Type | Application |
Edition | |||
Language | |||
Update | |||
CPE Product | cpe:/a:process-one:ejabberd |
Activity : Overall
Related : CVE
Date | Alert | Access Vector | Access Complexity | Authentication | ||
---|---|---|---|---|---|---|
5 | 2014-10-24 | CVE-2014-8760 | Network | Low | None Requ... | |
4.3 | 2013-10-17 | CVE-2013-6169 | Network | Medium | None Requ... | |
5 | 2011-06-20 | CVE-2011-1753 | Network | Low | None Requ... | |
5 | 2010-02-03 | CVE-2010-0305 | Network | Low | None Requ... | |
4.3 | 2009-03-17 | CVE-2009-0934 | Network | Medium | None Requ... | |
Date | Alert | Access Vector | Access Complexity | Authentication | ||
---|---|---|---|---|---|---|
10 | 2007-02-13 | CVE-2007-0903 | Network | Low | None Requ... | |
2.1 | 2006-05-05 | CVE-2006-2221 | Local | Low | None Requ... |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
40% (2) | CWE-310 | Cryptographic Issues |
20% (1) | CWE-399 | Resource Management Errors |
20% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
20% (1) | CWE-20 | Improper Input Validation |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:12946 | DSA-2248-1 ejabberd -- denial of service |
oval:org.mitre.oval:def:19415 | DSA-2775-1 ejabberd - insecure SSL usage |
oval:org.mitre.oval:def:8184 | DSA-1774 ejabberd -- insufficient input sanitising |
oval:org.mitre.oval:def:13304 | DSA-1774-1 ejabberd -- insufficient input sanitising |
oval:org.mitre.oval:def:7590 | DSA-2033 ejabberd -- heap overflow |
id | Name |
---|---|
oval:org.mitre.oval:def:13558 | DSA-2033-1 ejabberd -- heap overflow |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
73170 | ejabberd Entity Expansion Recursion XML Nested Entity Handling DoS |
62066 | ejabberd ejabberd_c2s.erl c2s Message Saturation Remote DoS |
52714 | ejabberd MUC Logs Unspecified XSS |
33179 | ejabberd mod_roster_odbc Module Unspecified Issue |
25215 | BitRock InstallBuilder bitrock_installer.log Symlink Arbitrary File Overwrite |
OpenVAS Exploits
id | Description |
---|---|
2012-08-10 | Name : Gentoo Security Advisory GLSA 201206-10 (ejabberd) File : nvt/glsa_201206_10.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2248-1 (ejabberd) File : nvt/deb_2248_1.nasl |
2011-08-03 | Name : FreeBSD Ports: ejabberd File : nvt/freebsd_ejabberd1.nasl |
2011-07-12 | Name : Fedora Update for ejabberd FEDORA-2011-8415 File : nvt/gb_fedora_2011_8415_ejabberd_fc15.nasl |
2011-07-08 | Name : Fedora Update for ejabberd FEDORA-2011-8437 File : nvt/gb_fedora_2011_8437_ejabberd_fc14.nasl |
id | Description |
---|---|
2011-06-24 | Name : ejabberd XML Parsing Denial of Service Vulnerability (Windows) File : nvt/secpod_ejabberd_dos_vuln_win.nasl |
2010-04-21 | Name : FreeBSD Ports: ejabberd File : nvt/freebsd_ejabberd0.nasl |
2010-04-21 | Name : Debian Security Advisory DSA 2033-1 (ejabberd) File : nvt/deb_2033_1.nasl |
2010-02-08 | Name : ejabberd 'client2server' Message Remote Denial of Service Vulnerability File : nvt/ejabberd_38003.nasl |
2009-04-20 | Name : FreeBSD Ports: ejabberd File : nvt/freebsd_ejabberd.nasl |
2009-04-20 | Name : Debian Security Advisory DSA 1774-1 (ejabberd) File : nvt/deb_1774_1.nasl |
2009-03-20 | Name : Fedora Core 10 FEDORA-2009-2746 (ejabberd) File : nvt/fcore_2009_2746.nasl |
2009-03-20 | Name : Fedora Core 9 FEDORA-2009-2747 (ejabberd) File : nvt/fcore_2009_2747.nasl |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2017-04-03 | Name : The remote Debian host is missing a security update. File : debian_DLA-881.nasl - Type : ACT_GATHER_INFO |
2015-03-31 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-175.nasl - Type : ACT_GATHER_INFO |
2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_ejabberd_20140731.nasl - Type : ACT_GATHER_INFO |
2014-10-27 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-207.nasl - Type : ACT_GATHER_INFO |
2014-01-19 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-005.nasl - Type : ACT_GATHER_INFO |
id | Description |
---|---|
2013-10-11 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2775.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-0881.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-0882.nasl - Type : ACT_GATHER_INFO |
2012-06-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201206-10.nasl - Type : ACT_GATHER_INFO |
2011-06-30 | Name : The remote Fedora host is missing a security update. File : fedora_2011-8415.nasl - Type : ACT_GATHER_INFO |
2011-06-30 | Name : The remote Fedora host is missing a security update. File : fedora_2011-8437.nasl - Type : ACT_GATHER_INFO |
2011-06-27 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_01d3ab7d9c4311e0bc0f0014a5e3cda6.nasl - Type : ACT_GATHER_INFO |
2011-06-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2248.nasl - Type : ACT_GATHER_INFO |
2010-04-20 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_a04a3c13493211df83fb0015587e2cc1.nasl - Type : ACT_GATHER_INFO |
2010-04-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2033.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-2746.nasl - Type : ACT_GATHER_INFO |
2009-04-21 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_cf91c1e42b6d11de931b00e0815b8da8.nasl - Type : ACT_GATHER_INFO |
2009-04-17 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1774.nasl - Type : ACT_GATHER_INFO |
2009-03-19 | Name : The remote Fedora host is missing a security update. File : fedora_2009-2747.nasl - Type : ACT_GATHER_INFO |