Apr 17th, 2009
by invalid string.
[SECURITY] [DSA 1774-1] New ejabberd packages fix cross-site scripting
<!– Envelope-to: email@address Delivery-date: Fri, 17 Apr 2009 18:09:06 +0100 Received: from outgoing.securityfocus.com ([205.206.231.26] helo=outgoing2.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1LurYo-0002Ii-LF for email@address; Fri, 17 Apr 2009 18:09:06 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing2.securityfocus.com (Postfix) with QMQP id A58E1143B81; Fri, 17 Apr 2009 [...]
Apr 17th, 2009
by invalid string.
[SECURITY] [DSA 1774-1] New ejabberd packages fix cross-site scripting
Posted by Steffen Joeris on Apr 17
———————————————————————— Debian Security Advisory DSA-1774-1 security_at_debian.org www.debian.org/security/ [...]
Apr 16th, 2009
by invalid string.
Vuln: ejabberd MUC Logs Cross Site Scripting Vulnerability
ejabberd MUC Logs Cross Site Scripting Vulnerability
URL: http://www.securityfocus.com/bid/34133
Mar 21st, 2009
by invalid string.
Making the most of your runbooks, (Fri, Mar 20th)
To perform effective security incident handling, a standard model is often used. SANS through its GIAC GCIH affiliation certification teaches a six step model comprising of the following steps: preparation, identification, containment, eradication, recovery and lessons learned. Today, I want to look at preparation. Given that [...]
Mar 16th, 2009
by invalid string.
CVE-2009-0934 (ejabberd)
Cross-site scripting (XSS) vulnerability in ejabberd before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to links and MUC logs.
URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0934
