Message-ID: <20040920095122.GA9420@herbert.nsu.wimmer.be>
Date: Mon, 20 Sep 2004 11:51:22 +0200
From: Matthias Wimmer <m@...ias.net>
To: jadmin@...ber.org, bugtraq@...urityfocus.com
Subject: Possible DoS attack against jabberd 1.4.3 and jadc2s 0.9.0

jabberd up to and including version 1.4.3 and jadc2s up to and including
version 0.9.0 are vulnerable against a DoS attack reported by Jose
Antonio Calvo yesterday on the jabberd mailing list.
(http://jabberstudio.org/pipermail/jabberd/2004-September/002004.html)

An attacker can crash a running jabberd14 server, if it has access to
one of the following types of network sockets:
- Socket accepting client connections
- Socket accepting connections from other servers
- Socket connecting to another Jabber server
- Socket accepting connections from server components
- Socket connecting to server components
(All connections on which XML is parsed by jabberd14.)

An attacker can crash a running jadc2s component, if it has access to one
of the following types of network sockets:
- Socket accepting client connections
- Socket connecting to the main Jabber server
(All connections on which XML is parsed by jadc2s.)

The attack can be tested by sending the byte sequence 0xEF, 0xBB, 0xBF
to any of the above sockets.

The bug has been fixed in the CVS versions of both projects already some
time ago as the affected code already had been removed from both
projects. Therefore you are not affected if you are running CVS
snapshots that are newer than 2004-05-22 (jabberd14) or 2004-09-07
(jadc2s).

A patch for jabberd 1.4.3 is available at the URI
http://devel.amessage.info/jabberd14/, a patch for jadc2s has not yet
been published but will be available on
http://devel.amessage.info/jadc2s/ shortly.

Related software:
- jabberd2 version 2.0s3 is not affected by this bug.
- Other projects that incorporate jabberd14 code might be affected by
  this bug as well. This might include the Jabber module of CenterICQ
  (only vulnerable by a Jabber server CenterICQ connects to), but I have
  not tested this yet.
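
Added example, not part of the original message and not jabberd14 or jadc2s code: a per-connection scanner that a logging proxy or IDS hook could use to flag the byte sequence 0xEF, 0xBB, 0xBF (the UTF-8 encoding of U+FEFF) even when it arrives split across reads. The names `bom_scan` and `bom_scan_feed` and the sample chunks are constructed for illustration; matching anywhere in the stream is an assumption, since the message does not say where the sequence has to appear.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Byte sequence named in the advisory (UTF-8 encoding of U+FEFF). */
static const unsigned char SEQ[3] = { 0xEF, 0xBB, 0xBF };

/* Per-connection state; hypothetical names, not jabberd code. */
struct bom_scan {
    unsigned matched;   /* bytes of SEQ matched so far, 0..2 */
    uint64_t consumed;  /* total bytes seen on this connection */
    int64_t first_hit;  /* stream offset of first full match, or -1 */
};
#define BOM_SCAN_INIT { 0, 0, -1 }

/* Feed one chunk exactly as read()/recv() returned it.
 * Returns 1 once the sequence has been seen on this connection. */
int bom_scan_feed(struct bom_scan *s, const unsigned char *buf, size_t len)
{
    for (size_t i = 0; i < len; i++, s->consumed++) {
        if (buf[i] == SEQ[s->matched]) {
            if (++s->matched == 3) {
                if (s->first_hit < 0)
                    s->first_hit = (int64_t)s->consumed - 2;
                s->matched = 0;
            }
        } else {
            /* A stray 0xEF can itself start a new match. */
            s->matched = (buf[i] == SEQ[0]) ? 1 : 0;
        }
    }
    return s->first_hit >= 0;
}

int main(void)
{
    /* Constructed sample: the sequence split across two reads. */
    const unsigned char c1[] = { '<', '?', 'x', 'm', 'l', 0xEF, 0xBB };
    const unsigned char c2[] = { 0xBF, ' ', '?', '>' };
    struct bom_scan s = BOM_SCAN_INIT;
    bom_scan_feed(&s, c1, sizeof c1);
    if (bom_scan_feed(&s, c2, sizeof c2))
        printf("sequence at stream offset %lld\n", (long long)s.first_hit);
    return 0;
}
```

A hit is a reason to look at the connection, not proof of an attack, because U+FEFF is legal in UTF-8 text.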
