Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1757


Vulnerability Score 5.0 5.0
CVE Id CVE-2011-1757
Last Modified 28 Jun 2011 12:00:00
Published 20 Jun 2011 10:52:43
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



DJabberd 0.84 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

Vulnerable Systems


  • Brad Fitzpatrick Djabberd 0.80

  • Brad Fitzpatrick Djabberd 0.81

  • Brad Fitzpatrick Djabberd 0.82

  • Brad Fitzpatrick Djabberd 0.83

  • Brad Fitzpatrick Djabberd 0.84


MLIST - [djabberd] 20110604 CVE-2011-1757: djabberd billion laughs vulnerability

Last Updated: 27 May 2016 10:56:26