Thursday, May 20, 2021

SUSE: CVE-2021-32919: SUSE Linux Security Advisory

linux vulnerabilities In: , 
Description
An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback option in mod_dialback enables an experimental feature for server-to-server authentication. It does not correctly authenticate remote server certificates, allowing a remote server to impersonate another server (when this option is enabled).
Solution(s)
  • suse-upgrade-prosody
  • suse-upgrade-prosody-debuginfo
  • suse-upgrade-prosody-debugsource


    • References
  • CVE-2021-32919




    •  

    Copyright © 2021 Vulnerability Database | Cyber Details™

    thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore