Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2014-8760

Опубликовано: 25 окт. 2014
Источник: debian
EPSS Низкий

Описание

ejabberd before 2.1.13 does not enforce the starttls_required setting when compression is used, which causes clients to establish connections without encryption.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
ejabberdfixed14.07-3package
ejabberdno-dsasqueezepackage

Примечания

  • http://mail.jabber.org/pipermail/operators/2014-October/002438.html

  • Patch https://github.com/processone/ejabberd/commit/7bdc1151b

EPSS

Процентиль: 50%
0.00264
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2014-8760

ubuntu
больше 11 лет назад

ejabberd before 2.1.13 does not enforce the starttls_required setting when compression is used, which causes clients to establish connections without encryption.

nvd логотип

CVE-2014-8760

nvd
больше 11 лет назад

ejabberd before 2.1.13 does not enforce the starttls_required setting when compression is used, which causes clients to establish connections without encryption.

github логотип

GHSA-p3cj-xwxg-f4p3

github
больше 3 лет назад

ejabberd before 2.1.13 does not enforce the starttls_required setting when compression is used, which causes clients to establish connections without encryption.

EPSS

Процентиль: 50%
0.00264
Низкий