oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE Request -- ejabberd

From: Jan Lieskovsky <jlieskov () redhat com>
Date: Fri, 29 Jan 2010 10:37:06 +0100
Hi Josh, Steve, vendors,

  a remotely exploitable DoS from XMPP client to ejabberd server
via too many "client2server" messages (causing the message queue on
the server to get overloaded, leading to server crash) has been found:

  https://support.process-one.net/browse/EJAB-1173

Links to applied patches are in:

  
https://support.process-one.net/browse/EJAB-1173;jsessionid=CC9A1D875A20197DD4571444DA8C1EFB?page=com.atlassian.jira.plugin.system.issuetabpanels%3Aall-tabpanel

Could you allocate a CVE id for this?

Thanks && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
Previous By Date Next
Previous By Thread Next

Current thread: