Debian DSA-4388-1 : mosquitto - security update

High Nessus Plugin ID 122069


The remote Debian host is missing a security-related update.


Three vulnerabilities were discovered in the Mosquitto MQTT broker,
which could result in authentication bypass. Please refer to for
additional information.


Upgrade the mosquitto packages.

For the stable distribution (stretch), these problems have been fixed
in version 1.4.10-3+deb9u3.

See Also

Plugin Details

Severity: High

ID: 122069

File Name: debian_DSA-4388.nasl

Version: 1.1

Type: local

Agent: unix

Published: 2019/02/11

Modified: 2019/02/11

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:mosquitto, cpe:/o:debian:debian_linux:9.0

Patch Publication Date: 2019/02/10

Reference Information

CVE: CVE-2018-12546, CVE-2018-12550, CVE-2018-12551

DSA: 4388