4
CVE-2011-4320
- EPSS 2.08%
- Veröffentlicht 18.02.2012 00:55:02
- Zuletzt bearbeitet 16.06.2026 23:34:46
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
LoginThe mod_pubsub module (mod_pubsub.erl) in ejabberd 2.1.8 and 3.0.0-alpha-3 allows remote authenticated users to cause a denial of service (infinite loop) via a stanza with a publish tag that lacks a node attribute.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Process-one ≫ Ejabberd Version2.1.8
Process-one ≫ Ejabberd Version3.0.0 Updatealpha3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.08% | 0.791 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:P
|
http://secunia.com/advisories/46915
http://www.openwall.com/lists/oss-security/2011/11/19/1
http://www.openwall.com/lists/oss-security/2011/11/19/2
http://www.osvdb.org/77302
http://www.process-one.net/en/ejabberd/release_notes/release_note_ejabberd_2.1.9
https://support.process-one.net/browse/EJAB-1498