CVE-2014-2745 in Prosodyالمعلومات

الملخص

بحسب MITRE

Prosody before 0.9.4 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack, related to core/portmanager.lua and util/xmppstream.lua.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

حجز

08/04/2014

إفشاء

10/04/2014

الاعتدال

تمت الموافقة

إدخال

VDB-66933

EPSS

0.03141

KEV

لا

النشاطات

منخفض جدًا

المصادر

Interested in the pricing of exploits?

See the underground prices here!