CVE-2014-2744 in Metronomethông tin

Tóm tắt

Bởi MITRE

plugins/mod_compression.lua in (1) Prosody before 0.9.4 and (2) Lightwitch Metronome through 3.4 negotiates stream compression while a session is unauthenticated, which allows remote attackers to cause a denial of service (resource consumption) via compressed XML elements in an XMPP stream, aka an "xmppbomb" attack.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Đặt trước

08/04/2014

Tiết lộ

10/04/2014

Kiểm duyệt

được chấp nhận

mục

VDB-66932

EPSS

0.03313

KEV

không

Các hoạt động

rất thấp

Nguồn

Do you want to use VulDB in your project?

Use the official API to access entries easily!