[SECURITY] [DSA 1774-1] New ejabberd packages fix cross-site scripting <!– Envelope-to: email@address Delivery-date: Fri, 17 Apr 2009 18:09:06 +0100 Received: from outgoing.securityfocus.com ([205.206.231.26] helo=outgoing2.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1LurYo-0002Ii-LF for email@address; Fri, 17 Apr 2009 18:09:06 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing2.securityfocus.com (Postfix) with QMQP id A58E1143B81; Fri, 17 Apr [...]
Posts Tagged ‘Jabber’
New ejabberd packages fix cross-site scripting
[SECURITY] [DSA 1774-1] New ejabberd packages fix cross-site scripting Posted by Steffen Joeris on Apr 17 ———————————————————————— Debian Security Advisory DSA-1774-1 security_at_debian.org www.debian.org/security/ Steffen Joeris April 17, 2009 www.debian.org/security/faq … URL: http://seclists.org/fulldisclosure/2009/Apr/0180.html
ejabberd MUC Logs Cross Site Scripting Vulnerability
Vuln: ejabberd MUC Logs Cross Site Scripting Vulnerability ejabberd MUC Logs Cross Site Scripting Vulnerability URL: http://www.securityfocus.com/bid/34133
Making the most of your runbooks, (Fri, Mar 20th)
Making the most of your runbooks, (Fri, Mar 20th) To perform effective security incident handling, a standard model is often used. SANS through its GIAC GCIH affiliation certification teaches a six step model comprising of the following steps: preparation, identification, containment, eradication, recovery and lessons learned. Today, I want to look at preparation. Given that [...]
0934 (ejabberd)
CVE-2009-0934 (ejabberd) Cross-site scripting (XSS) vulnerability in ejabberd before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to links and MUC logs. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0934
