Search criteria

6 vulnerabilities found for jabberd by jabberstudio

FKIE_CVE-2006-1329

Vulnerability from fkie_nvd - Published: 2006-03-21 01:06 - Updated: 2025-04-03 01:03
Severity ?
Summary
The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service ("c2s segfault") by sending a "response stanza before an auth stanza".
References
cve@mitre.orghttp://article.gmane.org/gmane.network.jabber.admin/27372Patch
cve@mitre.orghttp://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
cve@mitre.orghttp://secunia.com/advisories/19281Vendor Advisory
cve@mitre.orghttp://support.apple.com/kb/HT4077
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2008-0261.html
cve@mitre.orghttp://www.securityfocus.com/bid/17155
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/1009Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/25334
af854a3a-2127-422b-91ae-364da2661108http://article.gmane.org/gmane.network.jabber.admin/27372Patch
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19281Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT4077
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0261.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/17155
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/1009Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/25334
Impacted products
Vendor Product Version
jabberstudio jabberd *
jabberstudio jabberd 2.0_a1
jabberstudio jabberd 2.0_a2
jabberstudio jabberd 2.0_a3
jabberstudio jabberd 2.0_a4
jabberstudio jabberd 2.0_a5
jabberstudio jabberd 2.0_a6
jabberstudio jabberd 2.0_b1
jabberstudio jabberd 2.0_b2
jabberstudio jabberd 2.0_b3
jabberstudio jabberd 2.0_rc1
jabberstudio jabberd 2.0_rc2
jabberstudio jabberd 2.0_s1
jabberstudio jabberd 2.0_s2
jabberstudio jabberd 2.0_s3
jabberstudio jabberd 2.0_s4
jabberstudio jabberd 2.0_s5
jabberstudio jabberd 2.0_s6
jabberstudio jabberd 2.0_s7
jabberstudio jabberd 2.0_s8
jabberstudio jabberd 2.0_s9
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E22FE974-6431-4B75-B77C-87A6E6F75DD7",
              "versionEndIncluding": "2.0_s10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_a1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA6A9A63-12D6-4D95-8808-9198368B8A51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_a2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7B844E6-D392-4940-9979-B1A2A5C14D4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_a3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C883E4A8-2F31-4ED9-8484-3E94F25FEB57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_a4:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F1F4B27-129D-4556-A255-6B665FE8B290",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_a5:*:*:*:*:*:*:*",
              "matchCriteriaId": "812163D2-5798-4E4D-B9E6-923B4AF2AEBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_a6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B823DEE9-B795-4555-AFB6-31EDE8BF28C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_b1:*:*:*:*:*:*:*",
              "matchCriteriaId": "67B9126F-81EC-4E32-8250-25D57A1C4A99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_b2:*:*:*:*:*:*:*",
              "matchCriteriaId": "31ACD1B6-6FCB-4EA3-9B87-7F52D2C3952C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_b3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA4CC0C6-9DA6-4CFA-B3FD-1871E7100693",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1052CC03-10D8-4D49-A9CB-671A6866EF06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_rc2:*:*:*:*:*:*:*",
              "matchCriteriaId": "76F59708-A368-467A-9310-B2F510A99345",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_s1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C459A234-28B8-41FC-A01B-E5D4D547193E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_s2:*:*:*:*:*:*:*",
              "matchCriteriaId": "568C99F3-ADD2-41DE-B34E-8F55F9106036",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_s3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D4B1EA2-F5DF-44C5-8EF0-242BC1EDD6CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_s4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C4CE49D-16B1-4814-8600-B505A6BF84AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_s5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7394DD18-D1DF-4FA7-BA59-350D02B5C5E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_s6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E6259F8-502A-49C0-AE51-CA87CC1E5689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_s7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CB5F71F-E8AC-4602-AAB0-EB092793A703",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_s8:*:*:*:*:*:*:*",
              "matchCriteriaId": "614C061F-A2CC-4E8A-AAE2-3EAC9F28B36E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:2.0_s9:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DE99575-BCAC-4316-886E-7570649B5EDE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service (\"c2s segfault\") by sending a \"response stanza before an auth stanza\"."
    }
  ],
  "id": "CVE-2006-1329",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-03-21T01:06:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://article.gmane.org/gmane.network.jabber.admin/27372"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19281"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT4077"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/17155"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1009"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25334"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://article.gmane.org/gmane.network.jabber.admin/27372"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19281"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT4077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/17155"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1009"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25334"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2004-1378

Vulnerability from fkie_nvd - Published: 2004-09-21 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
The expat XML parser code, as used in the open source Jabber (jabberd) 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service (application crash) via a malformed packet to a socket that accepts XML connections.
References
cve@mitre.orghttp://devel.amessage.info/jabberd14/Patch
cve@mitre.orghttp://mail.jabber.org/pipermail/jabberd/2004-September/002004.html
cve@mitre.orghttp://marc.info/?l=bugtraq&m=109583829122679&w=2
cve@mitre.orghttp://secunia.com/advisories/12636
cve@mitre.orghttp://securitytracker.com/id?1011383
cve@mitre.orghttp://securitytracker.com/id?1011384
cve@mitre.orghttp://www.gentoo.org/security/en/glsa/glsa-200409-31.xmlPatch
cve@mitre.orghttp://www.osvdb.org/10257
cve@mitre.orghttp://www.securityfocus.com/bid/11231Patch
cve@mitre.orghttp://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b612-000c6e8f12ef.html
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/17466
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/17467
af854a3a-2127-422b-91ae-364da2661108http://devel.amessage.info/jabberd14/Patch
af854a3a-2127-422b-91ae-364da2661108http://mail.jabber.org/pipermail/jabberd/2004-September/002004.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=109583829122679&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/12636
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1011383
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1011384
af854a3a-2127-422b-91ae-364da2661108http://www.gentoo.org/security/en/glsa/glsa-200409-31.xmlPatch
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/10257
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/11231Patch
af854a3a-2127-422b-91ae-364da2661108http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b612-000c6e8f12ef.html
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/17466
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/17467
Impacted products
Vendor Product Version
jabberstudio jabberd 1.4
jabberstudio jabberd 1.4.1
jabberstudio jabberd 1.4.2
jabberstudio jabberd 1.4.2a
jabberstudio jabberd 1.4.3
jabberstudio jadc2s 0.6
jabberstudio jadc2s 0.7
jabberstudio jadc2s 0.8
jabberstudio jadc2s 0.9
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF04B475-4901-48FD-AD5D-A962D3765664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:1.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D5D1C4E-FD89-4FAF-B58B-3410DA938A89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:1.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "082926C3-B1C7-4030-B4F8-45151F37BE24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:1.4.2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB1F2CEB-AE60-409F-A1C3-A45384782E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jabberd:1.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC8D1462-9E72-4160-8792-3A9AFF8589C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jadc2s:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7C26238-1611-4A04-A2C5-60BE493CCDE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jadc2s:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "60AAD395-7AEC-48AC-90C4-960A268A9154",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jadc2s:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "87B97785-7A56-4D71-93DD-B05D5404256B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jabberstudio:jadc2s:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2F55F44-A474-40DB-9B06-9D327418E93F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The expat XML parser code, as used in the open source Jabber (jabberd) 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service (application crash) via a malformed packet to a socket that accepts XML connections."
    }
  ],
  "id": "CVE-2004-1378",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-09-21T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://devel.amessage.info/jabberd14/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://mail.jabber.org/pipermail/jabberd/2004-September/002004.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=109583829122679\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/12636"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1011383"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1011384"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-31.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/10257"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11231"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b612-000c6e8f12ef.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17466"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17467"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://devel.amessage.info/jabberd14/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://mail.jabber.org/pipermail/jabberd/2004-September/002004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=109583829122679\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/12636"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1011383"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1011384"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-31.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/10257"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11231"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b612-000c6e8f12ef.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17466"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17467"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2006-1329 (GCVE-0-2006-1329)

Vulnerability from cvelistv5 – Published: 2006-03-21 01:00 – Updated: 2024-08-07 17:03
VLAI?
Summary
The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service ("c2s segfault") by sending a "response stanza before an auth stanza".
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:03:28.986Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "jabberd-sasl-dos(25334)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25334"
          },
          {
            "name": "ADV-2006-1009",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1009"
          },
          {
            "name": "17155",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17155"
          },
          {
            "name": "APPLE-SA-2010-03-29-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4077"
          },
          {
            "name": "19281",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19281"
          },
          {
            "name": "RHSA-2008:0261",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://article.gmane.org/gmane.network.jabber.admin/27372"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-03-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service (\"c2s segfault\") by sending a \"response stanza before an auth stanza\"."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "jabberd-sasl-dos(25334)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25334"
        },
        {
          "name": "ADV-2006-1009",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1009"
        },
        {
          "name": "17155",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17155"
        },
        {
          "name": "APPLE-SA-2010-03-29-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4077"
        },
        {
          "name": "19281",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19281"
        },
        {
          "name": "RHSA-2008:0261",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://article.gmane.org/gmane.network.jabber.admin/27372"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-1329",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service (\"c2s segfault\") by sending a \"response stanza before an auth stanza\"."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "jabberd-sasl-dos(25334)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25334"
            },
            {
              "name": "ADV-2006-1009",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1009"
            },
            {
              "name": "17155",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/17155"
            },
            {
              "name": "APPLE-SA-2010-03-29-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4077",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4077"
            },
            {
              "name": "19281",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19281"
            },
            {
              "name": "RHSA-2008:0261",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
            },
            {
              "name": "http://article.gmane.org/gmane.network.jabber.admin/27372",
              "refsource": "CONFIRM",
              "url": "http://article.gmane.org/gmane.network.jabber.admin/27372"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-1329",
    "datePublished": "2006-03-21T01:00:00",
    "dateReserved": "2006-03-20T00:00:00",
    "dateUpdated": "2024-08-07T17:03:28.986Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-1378 (GCVE-0-2004-1378)

Vulnerability from cvelistv5 – Published: 2005-01-19 05:00 – Updated: 2024-08-08 00:46
VLAI?
Summary
The expat XML parser code, as used in the open source Jabber (jabberd) 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service (application crash) via a malformed packet to a socket that accepts XML connections.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://securitytracker.com/id?1011384 vdb-entryx_refsource_SECTRACK
http://www.osvdb.org/10257 vdb-entryx_refsource_OSVDB
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/11231 vdb-entryx_refsource_BID
http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b… x_refsource_CONFIRM
http://www.gentoo.org/security/en/glsa/glsa-20040… vendor-advisoryx_refsource_GENTOO
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://securitytracker.com/id?1011383 vdb-entryx_refsource_SECTRACK
http://devel.amessage.info/jabberd14/ x_refsource_CONFIRM
http://mail.jabber.org/pipermail/jabberd/2004-Sep… mailing-listx_refsource_MLIST
http://marc.info/?l=bugtraq&m=109583829122679&w=2 mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/12636 third-party-advisoryx_refsource_SECUNIA
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:46:12.504Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1011384",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1011384"
          },
          {
            "name": "10257",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/10257"
          },
          {
            "name": "jabberd-xml-dos(17466)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17466"
          },
          {
            "name": "11231",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11231"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b612-000c6e8f12ef.html"
          },
          {
            "name": "GLSA-200409-31",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-31.xml"
          },
          {
            "name": "jadc2s-xml-dos(17467)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17467"
          },
          {
            "name": "1011383",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1011383"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://devel.amessage.info/jabberd14/"
          },
          {
            "name": "[jabberd] 20040919 Jabberd 1.4 critical bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://mail.jabber.org/pipermail/jabberd/2004-September/002004.html"
          },
          {
            "name": "20040920 Possible DoS attack against jabberd 1.4.3 and jadc2s 0.9.0",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=109583829122679\u0026w=2"
          },
          {
            "name": "12636",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/12636"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The expat XML parser code, as used in the open source Jabber (jabberd) 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service (application crash) via a malformed packet to a socket that accepts XML connections."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1011384",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1011384"
        },
        {
          "name": "10257",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/10257"
        },
        {
          "name": "jabberd-xml-dos(17466)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17466"
        },
        {
          "name": "11231",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11231"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b612-000c6e8f12ef.html"
        },
        {
          "name": "GLSA-200409-31",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-31.xml"
        },
        {
          "name": "jadc2s-xml-dos(17467)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17467"
        },
        {
          "name": "1011383",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1011383"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://devel.amessage.info/jabberd14/"
        },
        {
          "name": "[jabberd] 20040919 Jabberd 1.4 critical bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://mail.jabber.org/pipermail/jabberd/2004-September/002004.html"
        },
        {
          "name": "20040920 Possible DoS attack against jabberd 1.4.3 and jadc2s 0.9.0",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=109583829122679\u0026w=2"
        },
        {
          "name": "12636",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/12636"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1378",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The expat XML parser code, as used in the open source Jabber (jabberd) 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service (application crash) via a malformed packet to a socket that accepts XML connections."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1011384",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1011384"
            },
            {
              "name": "10257",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/10257"
            },
            {
              "name": "jabberd-xml-dos(17466)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17466"
            },
            {
              "name": "11231",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11231"
            },
            {
              "name": "http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b612-000c6e8f12ef.html",
              "refsource": "CONFIRM",
              "url": "http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b612-000c6e8f12ef.html"
            },
            {
              "name": "GLSA-200409-31",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-31.xml"
            },
            {
              "name": "jadc2s-xml-dos(17467)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17467"
            },
            {
              "name": "1011383",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1011383"
            },
            {
              "name": "http://devel.amessage.info/jabberd14/",
              "refsource": "CONFIRM",
              "url": "http://devel.amessage.info/jabberd14/"
            },
            {
              "name": "[jabberd] 20040919 Jabberd 1.4 critical bug",
              "refsource": "MLIST",
              "url": "http://mail.jabber.org/pipermail/jabberd/2004-September/002004.html"
            },
            {
              "name": "20040920 Possible DoS attack against jabberd 1.4.3 and jadc2s 0.9.0",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=109583829122679\u0026w=2"
            },
            {
              "name": "12636",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/12636"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1378",
    "datePublished": "2005-01-19T05:00:00",
    "dateReserved": "2005-01-19T00:00:00",
    "dateUpdated": "2024-08-08T00:46:12.504Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2006-1329 (GCVE-0-2006-1329)

Vulnerability from nvd – Published: 2006-03-21 01:00 – Updated: 2024-08-07 17:03
VLAI?
Summary
The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service ("c2s segfault") by sending a "response stanza before an auth stanza".
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T17:03:28.986Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "jabberd-sasl-dos(25334)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25334"
          },
          {
            "name": "ADV-2006-1009",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1009"
          },
          {
            "name": "17155",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/17155"
          },
          {
            "name": "APPLE-SA-2010-03-29-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4077"
          },
          {
            "name": "19281",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19281"
          },
          {
            "name": "RHSA-2008:0261",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://article.gmane.org/gmane.network.jabber.admin/27372"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-03-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service (\"c2s segfault\") by sending a \"response stanza before an auth stanza\"."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "jabberd-sasl-dos(25334)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25334"
        },
        {
          "name": "ADV-2006-1009",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1009"
        },
        {
          "name": "17155",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/17155"
        },
        {
          "name": "APPLE-SA-2010-03-29-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4077"
        },
        {
          "name": "19281",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19281"
        },
        {
          "name": "RHSA-2008:0261",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://article.gmane.org/gmane.network.jabber.admin/27372"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-1329",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service (\"c2s segfault\") by sending a \"response stanza before an auth stanza\"."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "jabberd-sasl-dos(25334)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25334"
            },
            {
              "name": "ADV-2006-1009",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1009"
            },
            {
              "name": "17155",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/17155"
            },
            {
              "name": "APPLE-SA-2010-03-29-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4077",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4077"
            },
            {
              "name": "19281",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19281"
            },
            {
              "name": "RHSA-2008:0261",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html"
            },
            {
              "name": "http://article.gmane.org/gmane.network.jabber.admin/27372",
              "refsource": "CONFIRM",
              "url": "http://article.gmane.org/gmane.network.jabber.admin/27372"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-1329",
    "datePublished": "2006-03-21T01:00:00",
    "dateReserved": "2006-03-20T00:00:00",
    "dateUpdated": "2024-08-07T17:03:28.986Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-1378 (GCVE-0-2004-1378)

Vulnerability from nvd – Published: 2005-01-19 05:00 – Updated: 2024-08-08 00:46
VLAI?
Summary
The expat XML parser code, as used in the open source Jabber (jabberd) 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service (application crash) via a malformed packet to a socket that accepts XML connections.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://securitytracker.com/id?1011384 vdb-entryx_refsource_SECTRACK
http://www.osvdb.org/10257 vdb-entryx_refsource_OSVDB
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/11231 vdb-entryx_refsource_BID
http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b… x_refsource_CONFIRM
http://www.gentoo.org/security/en/glsa/glsa-20040… vendor-advisoryx_refsource_GENTOO
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://securitytracker.com/id?1011383 vdb-entryx_refsource_SECTRACK
http://devel.amessage.info/jabberd14/ x_refsource_CONFIRM
http://mail.jabber.org/pipermail/jabberd/2004-Sep… mailing-listx_refsource_MLIST
http://marc.info/?l=bugtraq&m=109583829122679&w=2 mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/12636 third-party-advisoryx_refsource_SECUNIA
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:46:12.504Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1011384",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1011384"
          },
          {
            "name": "10257",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/10257"
          },
          {
            "name": "jabberd-xml-dos(17466)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17466"
          },
          {
            "name": "11231",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11231"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b612-000c6e8f12ef.html"
          },
          {
            "name": "GLSA-200409-31",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-31.xml"
          },
          {
            "name": "jadc2s-xml-dos(17467)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17467"
          },
          {
            "name": "1011383",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1011383"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://devel.amessage.info/jabberd14/"
          },
          {
            "name": "[jabberd] 20040919 Jabberd 1.4 critical bug",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://mail.jabber.org/pipermail/jabberd/2004-September/002004.html"
          },
          {
            "name": "20040920 Possible DoS attack against jabberd 1.4.3 and jadc2s 0.9.0",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=109583829122679\u0026w=2"
          },
          {
            "name": "12636",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/12636"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The expat XML parser code, as used in the open source Jabber (jabberd) 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service (application crash) via a malformed packet to a socket that accepts XML connections."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1011384",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1011384"
        },
        {
          "name": "10257",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/10257"
        },
        {
          "name": "jabberd-xml-dos(17466)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17466"
        },
        {
          "name": "11231",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11231"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b612-000c6e8f12ef.html"
        },
        {
          "name": "GLSA-200409-31",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-31.xml"
        },
        {
          "name": "jadc2s-xml-dos(17467)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17467"
        },
        {
          "name": "1011383",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1011383"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://devel.amessage.info/jabberd14/"
        },
        {
          "name": "[jabberd] 20040919 Jabberd 1.4 critical bug",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://mail.jabber.org/pipermail/jabberd/2004-September/002004.html"
        },
        {
          "name": "20040920 Possible DoS attack against jabberd 1.4.3 and jadc2s 0.9.0",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=109583829122679\u0026w=2"
        },
        {
          "name": "12636",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/12636"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1378",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The expat XML parser code, as used in the open source Jabber (jabberd) 1.4.3 and earlier, jadc2s 0.9.0 and earlier, and possibly other packages, allows remote attackers to cause a denial of service (application crash) via a malformed packet to a socket that accepts XML connections."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1011384",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1011384"
            },
            {
              "name": "10257",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/10257"
            },
            {
              "name": "jabberd-xml-dos(17466)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17466"
            },
            {
              "name": "11231",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11231"
            },
            {
              "name": "http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b612-000c6e8f12ef.html",
              "refsource": "CONFIRM",
              "url": "http://www.vuxml.org/freebsd/2e25d38b-54d1-11d9-b612-000c6e8f12ef.html"
            },
            {
              "name": "GLSA-200409-31",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200409-31.xml"
            },
            {
              "name": "jadc2s-xml-dos(17467)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17467"
            },
            {
              "name": "1011383",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1011383"
            },
            {
              "name": "http://devel.amessage.info/jabberd14/",
              "refsource": "CONFIRM",
              "url": "http://devel.amessage.info/jabberd14/"
            },
            {
              "name": "[jabberd] 20040919 Jabberd 1.4 critical bug",
              "refsource": "MLIST",
              "url": "http://mail.jabber.org/pipermail/jabberd/2004-September/002004.html"
            },
            {
              "name": "20040920 Possible DoS attack against jabberd 1.4.3 and jadc2s 0.9.0",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=109583829122679\u0026w=2"
            },
            {
              "name": "12636",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/12636"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1378",
    "datePublished": "2005-01-19T05:00:00",
    "dateReserved": "2005-01-19T00:00:00",
    "dateUpdated": "2024-08-08T00:46:12.504Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}