Candidate: CVE-2013-6169
PublicDate: 2013-10-17 23:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6169
 https://www.process-one.net/en/ejabberd/release_notes/release_note_ejabberd_2.1.12/
 http://www.debian.org/security/2013/dsa-2775
Description:
 The TLS driver in ejabberd before 2.1.12 supports (1) SSLv2 and (2) weak
 SSL ciphers, which makes it easier for remote attackers to obtain sensitive
 information via a brute-force attack.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/ejabberd/+bug/1239307
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_ejabberd:
upstream_ejabberd: released (2.1.12, 2.1.10-4+deb7u1, 2.1.5-3+squeeze2)
lucid_ejabberd: ignored (reached end-of-life)
precise_ejabberd: released (2.1.10-2ubuntu1.2)
quantal_ejabberd: released (2.1.10-3ubuntu0.1)
raring_ejabberd: released (2.1.10-4ubuntu0.1)
saucy_ejabberd: released (2.1.10-5ubuntu1)
devel_ejabberd: released (2.1.10-5ubuntu1)