Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
5 vulnerabilities by jabberstudio
CVE-2006-1329 (GCVE-0-2006-1329)
Vulnerability from cvelistv5 – Published: 2006-03-21 01:00 – Updated: 2024-08-07 17:03
VLAI
Summary
The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service ("c2s segfault") by sending a "response stanza before an auth stanza".
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2006/1009 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/17155 | vdb-entryx_refsource_BID |
| http://lists.apple.com/archives/security-announce… | vendor-advisoryx_refsource_APPLE |
| http://support.apple.com/kb/HT4077 | x_refsource_CONFIRM |
| http://secunia.com/advisories/19281 | third-party-advisoryx_refsource_SECUNIA |
| http://www.redhat.com/support/errata/RHSA-2008-02… | vendor-advisoryx_refsource_REDHAT |
| http://article.gmane.org/gmane.network.jabber.adm… | x_refsource_CONFIRM |
Date Public
2006-03-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:03:28.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "jabberd-sasl-dos(25334)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25334"
},
{
"name": "ADV-2006-1009",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1009"
},
{
"name": "17155",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17155"
},
{
"name": "APPLE-SA-2010-03-29-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT4077"
},
{
"name": "19281",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19281"
},
{
"name": "RHSA-2008:0261",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://article.gmane.org/gmane.network.jabber.admin/27372"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service (\"c2s segfault\") by sending a \"response stanza before an auth stanza\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "jabberd-sasl-dos(25334)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25334"
},
{
"name": "ADV-2006-1009",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1009"
},
{
"name": "17155",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17155"
},
{
"name": "APPLE-SA-2010-03-29-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT4077"
},
{
"name": "19281",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19281"
},
{
"name": "RHSA-2008:0261",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://article.gmane.org/gmane.network.jabber.admin/27372"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1329",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service (\"c2s segfault\") by sending a \"response stanza before an auth stanza\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "jabberd-sasl-dos(25334)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25334"
},
{
"name": "ADV-2006-1009",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1009"
},
{
"name": "17155",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17155"
},
{
"name": "APPLE-SA-2010-03-29-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
},
{
"name": "http://support.apple.com/kb/HT4077",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4077"
},
{
"name": "19281",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19281"
},
{
"name": "RHSA-2008:0261",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
},
{
"name": "http://article.gmane.org/gmane.network.jabber.admin/27372",
"refsource": "CONFIRM",
"url": "http://article.gmane.org/gmane.network.jabber.admin/27372"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1329",
"datePublished": "2006-03-21T01:00:00.000Z",
"dateReserved": "2006-03-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T17:03:28.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2391 (GCVE-0-2004-2391)
Vulnerability from cvelistv5 – Published: 2005-08-17 04:00 – Updated: 2024-08-08 01:22
VLAI
Summary
Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8 allows remote attackers to cause a denial of service a message with an empty <priority/> tag.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/9710 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/10974/ | third-party-advisoryx_refsource_SECUNIA |
| http://www.jabberstudio.org/projects/jabber-gg-tr… | x_refsource_CONFIRM |
Date Public
2004-02-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:22:13.766Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "jabber-gadugadu-dos(15319)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15319"
},
{
"name": "9710",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9710"
},
{
"name": "10974",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10974/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.jabberstudio.org/projects/jabber-gg-transport/releases/view.php?id=429"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-02-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8 allows remote attackers to cause a denial of service a message with an empty \u003cpriority/\u003e tag."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "jabber-gadugadu-dos(15319)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15319"
},
{
"name": "9710",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9710"
},
{
"name": "10974",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10974/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.jabberstudio.org/projects/jabber-gg-transport/releases/view.php?id=429"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2391",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8 allows remote attackers to cause a denial of service a message with an empty \u003cpriority/\u003e tag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "jabber-gadugadu-dos(15319)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15319"
},
{
"name": "9710",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9710"
},
{
"name": "10974",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10974/"
},
{
"name": "http://www.jabberstudio.org/projects/jabber-gg-transport/releases/view.php?id=429",
"refsource": "CONFIRM",
"url": "http://www.jabberstudio.org/projects/jabber-gg-transport/releases/view.php?id=429"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2391",
"datePublished": "2005-08-17T04:00:00.000Z",
"dateReserved": "2005-08-17T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:22:13.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2390 (GCVE-0-2004-2390)
Vulnerability from cvelistv5 – Published: 2005-08-17 04:00 – Updated: 2024-08-08 01:22
VLAI
Summary
The roster import functionality in Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8, when using libgadu 1.0 and later, allows attackers to cause a denial of service via unknown vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/9710 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/10974/ | third-party-advisoryx_refsource_SECUNIA |
| http://www.jabberstudio.org/projects/jabber-gg-tr… | x_refsource_CONFIRM |
Date Public
2004-02-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:22:13.692Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "jabber-gadugadu-dos(15319)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15319"
},
{
"name": "9710",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9710"
},
{
"name": "10974",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10974/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.jabberstudio.org/projects/jabber-gg-transport/releases/view.php?id=429"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-02-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The roster import functionality in Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8, when using libgadu 1.0 and later, allows attackers to cause a denial of service via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "jabber-gadugadu-dos(15319)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15319"
},
{
"name": "9710",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9710"
},
{
"name": "10974",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10974/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.jabberstudio.org/projects/jabber-gg-transport/releases/view.php?id=429"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2390",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The roster import functionality in Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8, when using libgadu 1.0 and later, allows attackers to cause a denial of service via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "jabber-gadugadu-dos(15319)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15319"
},
{
"name": "9710",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9710"
},
{
"name": "10974",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10974/"
},
{
"name": "http://www.jabberstudio.org/projects/jabber-gg-transport/releases/view.php?id=429",
"refsource": "CONFIRM",
"url": "http://www.jabberstudio.org/projects/jabber-gg-transport/releases/view.php?id=429"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2390",
"datePublished": "2005-08-17T04:00:00.000Z",
"dateReserved": "2005-08-17T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:22:13.692Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2389 (GCVE-0-2004-2389)
Vulnerability from cvelistv5 – Published: 2005-08-17 04:00 – Updated: 2024-08-08 01:22
VLAI
Summary
Unknown vulnerability in Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8 allows remote attackers to cause a denial of service (infinite loop) via user re-registration.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/9710 | vdb-entryx_refsource_BID |
| http://www.osvdb.org/4057 | vdb-entryx_refsource_OSVDB |
| http://securitytracker.com/id?1009248 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/10974/ | third-party-advisoryx_refsource_SECUNIA |
| http://www.jabberstudio.org/projects/jabber-gg-tr… | x_refsource_CONFIRM |
Date Public
2004-02-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:22:13.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "jabber-gadugadu-dos(15319)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15319"
},
{
"name": "9710",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9710"
},
{
"name": "4057",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4057"
},
{
"name": "1009248",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1009248"
},
{
"name": "10974",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10974/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.jabberstudio.org/projects/jabber-gg-transport/releases/view.php?id=429"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-02-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8 allows remote attackers to cause a denial of service (infinite loop) via user re-registration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "jabber-gadugadu-dos(15319)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15319"
},
{
"name": "9710",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9710"
},
{
"name": "4057",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4057"
},
{
"name": "1009248",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1009248"
},
{
"name": "10974",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10974/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.jabberstudio.org/projects/jabber-gg-transport/releases/view.php?id=429"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2389",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in Jabber Gadu-Gadu Transport (a.k.a. jabber-gg-transport) 2.0.x before 2.0.8 allows remote attackers to cause a denial of service (infinite loop) via user re-registration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "jabber-gadugadu-dos(15319)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15319"
},
{
"name": "9710",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9710"
},
{
"name": "4057",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4057"
},
{
"name": "1009248",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1009248"
},
{
"name": "10974",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10974/"
},
{
"name": "http://www.jabberstudio.org/projects/jabber-gg-transport/releases/view.php?id=429",
"refsource": "CONFIRM",
"url": "http://www.jabberstudio.org/projects/jabber-gg-transport/releases/view.php?id=429"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2389",
"datePublished": "2005-08-17T04:00:00.000Z",
"dateReserved": "2005-08-17T00:00:00.000Z",
"dateUpdated": "2024-08-08T01:22:13.767Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1378 (GCVE-0-2004-1378)
Vulnerability from cvelistv5 – Published: 2005-01-19 05:00 – Updated: 2024-08-08 00:46
VLAI
Summary
The expat XML parser code, as used in the open source Jabber (jabberd) 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service (application crash) via a malformed packet to a socket that accepts XML connections.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1011384 | vdb-entryx_refsource_SECTRACK |
| http://www.osvdb.org/10257 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/11231 | vdb-entryx_refsource_BID |
| http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b… | x_refsource_CONFIRM |
| http://www.gentoo.org/security/en/glsa/glsa-20040… | vendor-advisoryx_refsource_GENTOO |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://securitytracker.com/id?1011383 | vdb-entryx_refsource_SECTRACK |
| http://devel.amessage.info/jabberd14/ | x_refsource_CONFIRM |
| http://mail.jabber.org/pipermail/jabberd/2004-Sep… | mailing-listx_refsource_MLIST |
| http://marc.info/?l=bugtraq&m=109583829122679&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/12636 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2004-09-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1011384",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1011384"
},
{
"name": "10257",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/10257"
},
{
"name": "jabberd-xml-dos(17466)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17466"
},
{
"name": "11231",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11231"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b612-000c6e8f12ef.html"
},
{
"name": "GLSA-200409-31",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-31.xml"
},
{
"name": "jadc2s-xml-dos(17467)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17467"
},
{
"name": "1011383",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1011383"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://devel.amessage.info/jabberd14/"
},
{
"name": "[jabberd] 20040919 Jabberd 1.4 critical bug",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail.jabber.org/pipermail/jabberd/2004-September/002004.html"
},
{
"name": "20040920 Possible DoS attack against jabberd 1.4.3 and jadc2s 0.9.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109583829122679\u0026w=2"
},
{
"name": "12636",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/12636"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The expat XML parser code, as used in the open source Jabber (jabberd) 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service (application crash) via a malformed packet to a socket that accepts XML connections."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1011384",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1011384"
},
{
"name": "10257",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/10257"
},
{
"name": "jabberd-xml-dos(17466)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17466"
},
{
"name": "11231",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11231"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b612-000c6e8f12ef.html"
},
{
"name": "GLSA-200409-31",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-31.xml"
},
{
"name": "jadc2s-xml-dos(17467)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17467"
},
{
"name": "1011383",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1011383"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://devel.amessage.info/jabberd14/"
},
{
"name": "[jabberd] 20040919 Jabberd 1.4 critical bug",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail.jabber.org/pipermail/jabberd/2004-September/002004.html"
},
{
"name": "20040920 Possible DoS attack against jabberd 1.4.3 and jadc2s 0.9.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109583829122679\u0026w=2"
},
{
"name": "12636",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/12636"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1378",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The expat XML parser code, as used in the open source Jabber (jabberd) 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service (application crash) via a malformed packet to a socket that accepts XML connections."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1011384",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1011384"
},
{
"name": "10257",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/10257"
},
{
"name": "jabberd-xml-dos(17466)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17466"
},
{
"name": "11231",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11231"
},
{
"name": "http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b612-000c6e8f12ef.html",
"refsource": "CONFIRM",
"url": "http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b612-000c6e8f12ef.html"
},
{
"name": "GLSA-200409-31",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200409-31.xml"
},
{
"name": "jadc2s-xml-dos(17467)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17467"
},
{
"name": "1011383",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1011383"
},
{
"name": "http://devel.amessage.info/jabberd14/",
"refsource": "CONFIRM",
"url": "http://devel.amessage.info/jabberd14/"
},
{
"name": "[jabberd] 20040919 Jabberd 1.4 critical bug",
"refsource": "MLIST",
"url": "http://mail.jabber.org/pipermail/jabberd/2004-September/002004.html"
},
{
"name": "20040920 Possible DoS attack against jabberd 1.4.3 and jadc2s 0.9.0",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109583829122679\u0026w=2"
},
{
"name": "12636",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12636"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1378",
"datePublished": "2005-01-19T05:00:00.000Z",
"dateReserved": "2005-01-19T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:46:12.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}