jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly handle SSL connections, which allows remote attackers to cause a denial of service (crash).
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Jabber_server | Jabber_software_foundation | 1.4.2a (including) | 1.4.2a (including) |
| Jabber_server | Jabber_software_foundation | 1.4.3 (including) | 1.4.3 (including) |
References
- http://secunia.com/advisories/10559
- http://www.debian.org/security/2004/dsa-414
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:005
- http://www.osvdb.org/3345
- http://www.securityfocus.com/bid/9376
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14158
- http://secunia.com/advisories/10559
- http://www.debian.org/security/2004/dsa-414
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:005
- http://www.osvdb.org/3345
- http://www.securityfocus.com/bid/9376
- https://exchange.xforce.ibmcloud.com/vulnerabilities/14158