Gentoo Linux Security Advisory 201206-10 - Multiple vulnerabilities have been found in ejabberd, the worst of which allowing for remote Denial of Service. Versions less than 2.1.9 are affected.
6cd681249ed6044831c35f3c68aa924ec71fde18cf604b30cb8c2814194b8e5cDebian Linux Security Advisory 2248-1 - Wouter Coekaerts discovered that ejabberd, a distributed XMPP/Jabber server written in Erlang, is vulnerable to the so-called "billion laughs" attack because it does not prevent entity expansion on received data. This allows an attacker to perform denial of service attacks against the service by sending specially crafted XML data to it.
de1900df9f3c9ee82372dc03eef9a63db5a89024f5837f7f77fe44f4b9d4e27b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed