ID de Prueba:	1.3.6.1.4.1.25623.1.0.902527
Categoría:	Denial of Service
Título:	ejabberd XML Parsing Denial of Service Vulnerability - Windows
Resumen:	ejabberd is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: ejabberd is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaw is due to an error within the parsing of certain XML input, which can be exploited to cause a high CPU and memory consumption via a crafted XML document containing a large number of nested entity references. Vulnerability Impact: Successful exploitation allows remote attackers to cause a denial of service. Affected Software/OS: ejabberd versions before 2.1.7 and 3.x before 3.0.0-alpha-3 Solution: Upgrade to ejabberd version 2.1.7, 3.0.0-alpha-3 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1753 44765 http://secunia.com/advisories/44765 44807 http://secunia.com/advisories/44807 45120 http://secunia.com/advisories/45120 48072 http://www.securityfocus.com/bid/48072 DSA-2248 http://www.debian.org/security/2011/dsa-2248 FEDORA-2011-8415 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062099.html FEDORA-2011-8437 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062145.html ejabberd-xml-dos(67769) https://exchange.xforce.ibmcloud.com/vulnerabilities/67769 http://www.ejabberd.im/ejabberd-2.1.7 http://www.process-one.net/en/ejabberd/release_notes/release_note_ejabberd_2.1.7/ https://bugzilla.redhat.com/show_bug.cgi?id=700454 https://git.process-one.net/ejabberd/mainline/commit/bd1df027c622e1f96f9eeaac612a6a956c1ff0b6
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.