The mod_dialback module in Prosody prior to 0.9.9 does not properly generate random values for the secret token for server-to-server dialback authentication, which makes it easier for malicious users to spoof servers via a brute force attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
prosody prosody 0.9.6 |
||
prosody prosody 0.9.4 |
||
prosody prosody 0.9.3 |
||
prosody prosody 0.9.2 |
||
prosody prosody 0.9.1 |
||
prosody prosody 0.9.0 |
||
prosody prosody |
||
prosody prosody 0.9.7 |
||
prosody prosody 0.9.5 |
||
fedoraproject fedora 22 |
||
fedoraproject fedora 23 |
||
debian debian linux 8.0 |
||
debian debian linux 7.0 |