Vulnerability Details : CVE-2006-1329
The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service ("c2s segfault") by sending a "response stanza before an auth stanza".
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2006-1329
Probability of exploitation activity in the next 30 days: 6.61%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 93 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2006-1329
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
References for CVE-2006-1329
-
http://www.securityfocus.com/bid/17155
-
http://article.gmane.org/gmane.network.jabber.admin/27372
Patch
-
http://support.apple.com/kb/HT4077
About the security content of Security Update 2010-002 / Mac OS X v10.6.3 - Apple Support
-
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
Apple - Lists.apple.com
-
http://www.redhat.com/support/errata/RHSA-2008-0261.html
Support
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/25334
-
http://www.vupen.com/english/advisories/2006/1009
Vendor Advisory
Products affected by CVE-2006-1329
- cpe:2.3:a:jabberstudio:jabberd:*:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_b2:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_b3:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_s5:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_s6:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_a1:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_a2:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_a3:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_rc1:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_rc2:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_s7:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_s8:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_a4:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_a5:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_s1:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_s2:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_s9:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_a6:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_b1:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_s3:*:*:*:*:*:*:*
- cpe:2.3:a:jabberstudio:jabberd:2.0_s4:*:*:*:*:*:*:*