Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-qwj6-64m3-hwxr

Опубликовано: 17 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 7.5

Описание

The mod_dialback module in Prosody before 0.9.9 does not properly generate random values for the secret token for server-to-server dialback authentication, which makes it easier for attackers to spoof servers via a brute force attack.

The mod_dialback module in Prosody before 0.9.9 does not properly generate random values for the secret token for server-to-server dialback authentication, which makes it easier for attackers to spoof servers via a brute force attack.

Ссылки

EPSS

Процентиль: 72%
0.00708
Низкий

7.5 High

CVSS3

CVE ID

CVE-2016-1232

Связанные уязвимости

ubuntu логотип

CVE-2016-1232

CVSS3: 7.5
ubuntu
около 10 лет назад

The mod_dialback module in Prosody before 0.9.9 does not properly generate random values for the secret token for server-to-server dialback authentication, which makes it easier for attackers to spoof servers via a brute force attack.

nvd логотип

CVE-2016-1232

CVSS3: 7.5
nvd
около 10 лет назад

The mod_dialback module in Prosody before 0.9.9 does not properly generate random values for the secret token for server-to-server dialback authentication, which makes it easier for attackers to spoof servers via a brute force attack.

debian логотип

CVE-2016-1232

CVSS3: 7.5
debian
около 10 лет назад

The mod_dialback module in Prosody before 0.9.9 does not properly gene ...

EPSS

Процентиль: 72%
0.00708
Низкий

7.5 High

CVSS3

CVE ID

CVE-2016-1232