oss-sec mailing list archives
CVE Request -- ejabberd
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Fri, 29 Jan 2010 10:37:06 +0100
Hi Josh, Steve, vendors, a remotely exploitable DoS from XMPP client to ejabberd server via too many "client2server" messages (causing the message queue on the server to get overloaded, leading to server crash) has been found: https://support.process-one.net/browse/EJAB-1173 Links to applied patches are in: https://support.process-one.net/browse/EJAB-1173;jsessionid=CC9A1D875A20197DD4571444DA8C1EFB?page=com.atlassian.jira.plugin.system.issuetabpanels%3Aall-tabpanel Could you allocate a CVE id for this? Thanks && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Current thread:
- CVE Request -- ejabberd Jan Lieskovsky (Jan 29)
- Re: CVE Request -- ejabberd Josh Bressers (Jan 29)