jabber-gg-transport Empty priority Tag DoS

2004-02-20T06:44:50
ID OSVDB:19788
Type osvdb
Reporter OSVDB
Modified 2004-02-20T06:44:50

Description

Vulnerability Description

jabber-gg-transport contains a flaw that may allow a remote denial of service. The issue is triggered when a remote user sends an empty closing 'priority' tag, and will result in loss of availability for the service.

Solution Description

Upgrade to version 2.0.8 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

jabber-gg-transport contains a flaw that may allow a remote denial of service. The issue is triggered when a remote user sends an empty closing 'priority' tag, and will result in loss of availability for the service.

References:

Secunia Advisory ID:10974 Related OSVDB ID: 4057 Related OSVDB ID: 19787 Other Advisory URL: http://www.jabberstudio.org/projects/jabber-gg-transport/news/view.php?id=421 Keyword: x ISS X-Force ID: 15319 CVE-2004-2391 Bugtraq ID: 9710