CVE-2017-18265

Name of the Vulnerable Software and Affected Versions: Prosody versions prior to 0.10.0

Description: The issue allows remote attackers to cause a denial of service, resulting in an application crash. This is related to an incompatibility with certain versions of the LuaSocket library. An attacker can trigger a stream error to cause the crash, which can be observed in modules such as the c2s module.

Recommendations: For versions prior to 0.10.0, update to version 0.10.0 or later to resolve the issue. As a temporary workaround, consider restricting access to modules that may be affected by the LuaSocket library incompatibility, such as the c2s module, to minimize the risk of exploitation.