Ejabberd 'mod_pubsub' Module Denial Of Service Vulnerability Network Vulnerability

Summary

ejabberd is prone to a vulnerability that may allow attackers to cause an affected application to enter an infinite loop, resulting in a denial-of- service condition. ejabberd versions prior to 2.1.9 are affected.

Solution

Updates are available. Please see the references for more information.

References

http://www.ejabberd.im/
http://www.process-one.net/en/ejabberd/release_notes/release_note_ejabberd_2.1.9/
http://www.securityfocus.com/bid/50737
https://support.process-one.net/browse/EJAB-1498

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-4320
CVSS Base Score: 4.0
AV:N/AC:L/Au:S/C:N/I:N/A:P

Related Vulnerabilities

Cogent DataHub Integer Overflow Vulnerability
Apache APR-Utils Multiple Denial of Service Vulnerabilities
Apple Safari URI NULL Pointer Dereference DoS Vulnerability (Win)
Apache Input Header Folding and mod_ssl ssl_io_filter_cleanup DoS Vulnerabilities
ArGoSoft FTP Server XCWD Overflow

ejabberd 'mod_pubsub' Module Denial of Service Vulnerability

Take action and discover your vulnerabilities