oss-sec mailing list archives

CVE Request: prosody DoS, djabberd external entity injection

From: Wouter Coekaerts <wouter () coekaerts be>
Date: Tue, 14 Jun 2011 22:50:32 +0200

Hi,

As far as I know, there's no CVE for these ones yet. Could you assign one?
* prosody billion laughs DoS: http://blog.prosody.im/prosody-0-8-1-released/
* djabberd external entity injection:
http://groups.google.com/group/djabberd/browse_thread/thread/47974331c37e54c5#

Btw, a blog post about these and the other recent jabber billion
laughs vulnerabilities:
http://wouter.coekaerts.be/2011/jabber-dos

Regards,

Wouter.

Current thread:

CVE Request: prosody DoS, djabberd external entity injection Wouter Coekaerts (Jun 14)
- Re: CVE Request: prosody DoS, djabberd external entity injection Josh Bressers (Jun 15)