jabberd -- SASL Negotiation Denial of Service Vulnerability

2006-03-20T00:00:00
ID F4AF098D-D921-11DA-AD4A-00123FFE8333
Type freebsd
Reporter FreeBSD
Modified 2006-03-20T00:00:00

Description

Secunia reports:

A vulnerability has been reported in jabberd, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the handling of SASL negotiation. This can be exploited to cause a crash by sending a "response" stanza before an "auth" stanza.