Download
| Alert*
oval:org.secpod.oval:def:113290
ejabberd is installed oval:org.secpod.oval:def:601345 ejabberd is installed oval:org.secpod.oval:def:601122 It was discovered that ejabberd, a Jabber/XMPP server, uses SSLv2 and weak ciphers for communication, which are considered insecure. The software offers no runtime configuration options to disable these. This update disables the use of SSLv2 and weak ciphers. The updated package for Debian 7 also c ... oval:org.secpod.oval:def:600537 Wouter Coekaerts discovered that ejabberd, a distributed XMPP/Jabber server written in Erlang, is vulnerable to the so-called "billion laughs" attack because it does not prevent entity expansion on received data. This allows an attacker to perform denial of service attacks against the serv ... oval:org.secpod.oval:def:113289 ejabberd is a Free and Open Source distributed fault-tolerant Jabber/XMPP server. It is mostly written in Erlang, and runs on many platforms . oval:org.secpod.oval:def:113628 ejabberd is a Free and Open Source distributed fault-tolerant Jabber/XMPP server. It is mostly written in Erlang, and runs on many platforms . |