CVE-2010-0305

EPSS 3.11%
Veröffentlicht 03.02.2010 19:30:00
Zuletzt bearbeitet 16.06.2026 23:15:54
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

ejabberd_c2s.erl in ejabberd before 2.1.3 allows remote attackers to cause a denial of service (daemon crash) via a large number of c2s (aka client2server) messages that trigger a queue overload.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 13

NVD 22 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Process-one ≫ Ejabberd Version <= 2.1.2

Process-one ≫ Ejabberd Version0.9

Process-one ≫ Ejabberd Version0.9.1

Process-one ≫ Ejabberd Version0.9.8

Process-one ≫ Ejabberd Version1.0.0

Process-one ≫ Ejabberd Version1.1.0

Process-one ≫ Ejabberd Version1.1.1

Process-one ≫ Ejabberd Version1.1.1.0

Process-one ≫ Ejabberd Version1.1.1.1

Process-one ≫ Ejabberd Version1.1.2

Process-one ≫ Ejabberd Version1.1.3

Process-one ≫ Ejabberd Version1.1.14

Process-one ≫ Ejabberd Version2.0.0

Process-one ≫ Ejabberd Version2.0.0 Updatebeta1

Process-one ≫ Ejabberd Version2.0.0 Updaterc1

Process-one ≫ Ejabberd Version2.0.1_2

Process-one ≫ Ejabberd Version2.0.2

Process-one ≫ Ejabberd Version2.0.3

Process-one ≫ Ejabberd Version2.0.4

Process-one ≫ Ejabberd Version2.0.5

Process-one ≫ Ejabberd Version2.1.0

Process-one ≫ Ejabberd Version2.1.1

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	3.11%	0.861

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/38337

Vendor Advisory

http://secunia.com/advisories/39423

http://www.debian.org/security/2010/dsa-2033

http://www.openwall.com/lists/oss-security/2010/01/29/1

Patch

http://www.openwall.com/lists/oss-security/2010/01/29/5

Patch

http://www.osvdb.org/62066

http://www.securityfocus.com/bid/38003

http://www.vupen.com/english/advisories/2010/0894

https://exchange.xforce.ibmcloud.com/vulnerabilities/56025

https://support.process-one.net/browse/EJAB-1173

https://nvd.nist.gov/vuln/detail/CVE-2010-0305

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-0305

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-0305

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2010-0305