Showing 1 - 1 of 1

CVE-2009-1596

Status Candidate

Overview

Ignite Realtime Openfire before 3.6.5 does not properly implement the register.password (aka canChangePassword) console configuration setting, which allows remote authenticated users to bypass intended policy and change their own passwords via a passwd_change IQ packet.

Related Files

Gentoo Linux Security Advisory 201406-35: Posted Jun 30, 2014; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201406-35 - Multiple vulnerabilities have been found in Openfire, the worst of which could lead to a Denial of Service condition. Versions less than 3.9.2-r1 are affected.; tags | advisory, denial of service, vulnerability; systems | linux, gentoo; advisories | CVE-2009-1595, CVE-2009-1596, CVE-2014-2741; SHA-256 | 41324993ffa3eb7b745123fc71b6da971e9a55bdf18cdf640e314610a2cc46af; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 260 files
indoushka 124 files
Ubuntu 97 files
Gentoo 36 files
Debian 25 files
Jasper Nota 25 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Apple 9 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,107)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,887)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,614)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,775)
UNIX (9,439)
UnixWare (187)
Windows (6,676)
Other

CVE-2009-1596

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems