oss-sec mailing list archives
Re: CVE Request -- ejabberd
From: Josh Bressers <bressers () redhat com>
Date: Fri, 29 Jan 2010 14:40:40 -0500 (EST)
----- "Jan Lieskovsky" <jlieskov () redhat com> wrote:
Hi Josh, Steve, vendors, a remotely exploitable DoS from XMPP client to ejabberd server via too many "client2server" messages (causing the message queue on the server to get overloaded, leading to server crash) has been found: https://support.process-one.net/browse/EJAB-1173 Links to applied patches are in: https://support.process-one.net/browse/EJAB-1173;jsessionid=CC9A1D875A20197DD4571444DA8C1EFB?page=com.atlassian.jira.plugin.system.issuetabpanels%3Aall-tabpanel
Please use CVE-2010-0305 Thanks. -- JB
Current thread:
- CVE Request -- ejabberd Jan Lieskovsky (Jan 29)
- Re: CVE Request -- ejabberd Josh Bressers (Jan 29)