oss-sec mailing list archives
CVE request: openfire <3.5.0 Denial of Service
From: Robert Buchholz <rbu () gentoo org>
Date: Fri, 11 Apr 2008 01:44:52 +0200
Please assign a CVE identifier: Openfire (formerly wildfire) before 3.5.0 is prone to a Denial of Service vulnerability. It cannot handle clients that fail to read messages, and has no limit on their session's send buffer. Secunia: http://secunia.com/advisories/29751/ Upstream bug: http://www.igniterealtime.org/issues/browse/JM-1289 Commit: http://www.igniterealtime.org/fisheye/changelog/svn-org?cs=10031
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- CVE request: openfire <3.5.0 Denial of Service Robert Buchholz (Apr 10)
- Re: CVE request: openfire <3.5.0 Denial of Service Steven M. Christey (Apr 12)