MidnightBSD

Advisories for jabberd

CVE-2011-1754 MEDIUM

jabberd14 1.6.1.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
jabberd jabberd14 1.4.3.1
jabberd jabberd14 *
jabberd jabberd14 1.4.2
jabberd jabberd14 1.4.3
jabberd jabberd14 1.4.1
jabberd jabberd14 1.6.1
jabberd jabberd14 1.6.0
jabberd jabberd14 1.4.4