Test Kennung:	1.3.6.1.4.1.25623.1.0.69997
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: ejabberd
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: ejabberd CVE-2011-1753 expat_erl.c in ejabberd before 2.1.7 and 3.x before 3.0.0-alpha-3, and exmpp before 0.9.7, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1753 44765 http://secunia.com/advisories/44765 44807 http://secunia.com/advisories/44807 45120 http://secunia.com/advisories/45120 48072 http://www.securityfocus.com/bid/48072 DSA-2248 http://www.debian.org/security/2011/dsa-2248 FEDORA-2011-8415 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062099.html FEDORA-2011-8437 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062145.html ejabberd-xml-dos(67769) https://exchange.xforce.ibmcloud.com/vulnerabilities/67769 http://www.ejabberd.im/ejabberd-2.1.7 http://www.process-one.net/en/ejabberd/release_notes/release_note_ejabberd_2.1.7/ https://bugzilla.redhat.com/show_bug.cgi?id=700454 https://git.process-one.net/ejabberd/mainline/commit/bd1df027c622e1f96f9eeaac612a6a956c1ff0b6
Copyright	Copyright (C) 2011 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.