CVE-2006-1329
Advisory lineage Upstream: 0 Downstream: 5
Modified
Published: 21 Mar 2006, 01:00
Last modified:07 Aug 2024, 17:03
Vulnerability Summary
Overall Risk (default)
low
20/100 CVSS Score
5 MEDIUM
v2.0 (nvd)
EPSS Score
1.56% LOW
2% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
21 Mar 2006, 01:00
Published
Vulnerability first disclosed
07 Aug 2024, 17:03
Last Modified
Vulnerability information updated
Description
The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service ("c2s segfault") by sending a "response stanza before an auth stanza".
CVSS Metrics
- v2.0•MEDIUM•Score: 5AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS Trends
Current EPSS score: 1.56%• Percentile: 82%
Affected Systems
- jabberstudio•jabberd
≤ 2.0_s10 | 2.0_a1 | 2.0_a2 | 2.0_a3 | 2.0_a4 | 2.0_a5 | 2.0_a6 | 2.0_b1 | 2.0_b2 | 2.0_b3 | 2.0_rc1 | 2.0_rc2 | 2.0_s1 | 2.0_s2 | 2.0_s3 | 2.0_s4 | 2.0_s5 | 2.0_s6 | 2.0_s7 | 2.0_s8 | 2.0_s9
References (8)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25334
- http://www.vupen.com/english/advisories/2006/1009
- http://www.securityfocus.com/bid/17155
- http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
- http://support.apple.com/kb/HT4077
- http://secunia.com/advisories/19281
- http://www.redhat.com/support/errata/RHSA-2008-0261.html
- http://article.gmane.org/gmane.network.jabber.admin/27372