Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1329

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-1329
Last Modified 16 Jun 2011 12:00:00
Published 20 Mar 2006 08:06:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1329

Summary

The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service ("c2s segfault") by sending a "response stanza before an auth stanza".

Vulnerable Systems

Application

  • Jabberstudio Jabberd 2.0 A1

  • Jabberstudio Jabberd 2.0 A2

  • Jabberstudio Jabberd 2.0 A3

  • Jabberstudio Jabberd 2.0 A4

  • Jabberstudio Jabberd 2.0 A5

  • Jabberstudio Jabberd 2.0 A6

  • Jabberstudio Jabberd 2.0 B1

  • Jabberstudio Jabberd 2.0 B2

  • Jabberstudio Jabberd 2.0 B3

  • Jabberstudio Jabberd 2.0 Rc1

  • Jabberstudio Jabberd 2.0 Rc2

  • Jabberstudio Jabberd 2.0 S1

  • Jabberstudio Jabberd 2.0 S10

  • Jabberstudio Jabberd 2.0 S2

  • Jabberstudio Jabberd 2.0 S3

  • Jabberstudio Jabberd 2.0 S4

  • Jabberstudio Jabberd 2.0 S5

  • Jabberstudio Jabberd 2.0 S6

  • Jabberstudio Jabberd 2.0 S7

  • Jabberstudio Jabberd 2.0 S8

  • Jabberstudio Jabberd 2.0 S9


References

CONFIRM - http://article.gmane.org/gmane.network.jabber.admin/27372

XF - jabberd-sasl-dos(25334)

VUPEN - ADV-2006-1009

BID - 17155

REDHAT - RHSA-2008:0261

CONFIRM - http://support.apple.com/kb/HT4077

SECUNIA - 19281

APPLE - APPLE-SA-2010-03-29-1


Last Updated: 27 May 2016 10:42:02