CVE-2017-10807

Published: Jul 4, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

JabberD 2.x (aka jabberd2) before 2.6.1 allows anyone to authenticate using SASL ANONYMOUS, even when the sasl.anonymous c2s.xml option is not enabled.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/jabberd2/jabberd2/commit/8416ae54ecefa670534f27a31db71d048b9c7f16

x_refsource_CONFIRM

DSA-3902

vendor-advisory

x_refsource_DEBIAN

https://github.com/jabberd2/jabberd2/releases/tag/jabberd-2.6.1

x_refsource_CONFIRM

99511

vdb-entry

x_refsource_BID

https://bugs.debian.org/867032

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-10807

Description

Affected Products

References