CVE-2013-6169

EPSS 0.44%

ejabberd - insecure SSL usage

Published: 10/17/2013Modified: 4/28/2026

Description

The TLS driver in ejabberd before 2.1.12 supports (1) SSLv2 and (2) weak SSL ciphers, which makes it easier for remote attackers to obtain sensitive information via a brute-force attack.

Affected packages (2)

Debian/ejabberdfrom 0, < 2.1.11-1
Debian/ejabberdfrom 0, < 2.1.5-3+squeeze2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-6169