Vulnerabilities > CVE-2004-0013 - Denial of Service vulnerability in Jabber Server SSL Handling

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

jabber-software-foundation

nessus

NVD

Published: 2004-02-03

Updated: 2017-10-10

Summary

jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly handle SSL connections, which allows remote attackers to cause a denial of service (crash).

Vulnerable Configurations

Part	Description	Count
Application	Jabber_Software_Foundation Jabber Software Foundation Jabber Server 1.4.2A Jabber Software Foundation Jabber Server 1.4.3	2

Nessus

NASL family	Mandriva Local Security Checks
NASL id	MANDRAKE_MDKSA-2004-005.NASL
description	A vulnerability was found in the jabber program where a bug in the handling of SSL connections could cause the server process to crash, resulting in a DoS (Denial of Service). The updated packages are patched to correct the problem.
last seen	2020-06-01
modified	2020-06-02
plugin id	14105
published	2004-07-31
reporter	This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/14105
title	Mandrake Linux Security Advisory : jabber (MDKSA-2004:005)

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-414.NASL
description	A vulnerability was discovered in jabber, an instant messaging server, whereby a bug in the handling of SSL connections could cause the server process to crash, resulting in a denial of service.
last seen	2020-06-01
modified	2020-06-02
plugin id	15251
published	2004-09-29
reporter	This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/15251
title	Debian DSA-414-1 : jabber - denial of service

Summary

Vulnerable Configurations

Nessus

References