oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request -- ejabberd

From: Josh Bressers <bressers () redhat com>
Date: Fri, 29 Jan 2010 14:40:40 -0500 (EST)
----- "Jan Lieskovsky" <jlieskov () redhat com> wrote:


Hi Josh, Steve, vendors,

   a remotely exploitable DoS from XMPP client to ejabberd server
via too many "client2server" messages (causing the message queue on
the server to get overloaded, leading to server crash) has been
found:

   https://support.process-one.net/browse/EJAB-1173

Links to applied patches are in:

  
https://support.process-one.net/browse/EJAB-1173;jsessionid=CC9A1D875A20197DD4571444DA8C1EFB?page=com.atlassian.jira.plugin.system.issuetabpanels%3Aall-tabpanel



Please use CVE-2010-0305

Thanks.

-- 
    JB
Previous By Date Next
Previous By Thread Next

Current thread: