Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1728

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2008-1728
Last Modified 07 Mar 2011 10:07:32
Published 11 Apr 2008 03:05:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-1728

Summary

ConnectionManagerImpl.java in Ignite Realtime Openfire 3.4.5 allows remote authenticated users to cause a denial of service (daemon outage) by triggering large outgoing queues without reading messages.

Vulnerable Systems

Application

  • Ignite Realtime Openfire 3.4.5


References

XF - openfire-unspecified-dos(41744)

VUPEN - ADV-2008-1188

BID - 28722

MLIST - [oss-security] 20080411 CVE request: openfire <3.5.0 Denial of Service

CONFIRM - http://www.igniterealtime.org/issues/browse/JM-1289

MISC - http://www.igniterealtime.org/fisheye/changelog/svn-org?cs=10031

CONFIRM - http://www.igniterealtime.org/builds/openfire/docs/latest/changelog.html

GENTOO - GLSA-200804-26

SECUNIA - 29901

SECUNIA - 29751

XF - openfire-connectionmanagerImpljava-dos(41744)


Last Updated: 27 May 2016 10:47:28