Openfire < 3.5.0 Queue Handling Remote DoS

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.

Synopsis :

The remote host contains an application that is prone to a denial of
service attack.

Description :

The remote host is running Openfire / Wildfire, an instant messaging
server supporting the XMPP protocol.

According to its version, the installation of Openfire or Wildfire on
the remote host suffers from a denial of service vulnerability that
could bring the server down because it has no limit on a client
session's send buffer and can not handle clients that fail to read

See also :

Solution :

Upgrade to Openfire version 3.5.0 or later.

Risk factor :

High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.8
Public Exploit Available : false

Family: Denial of Service

Nessus Plugin ID: 31855 ()

Bugtraq ID: 28722

CVE ID: CVE-2008-1728

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now