Openfire < 3.5.0 Queue Handling Remote DoS

Low Nessus Network Monitor Plugin ID 4463

Synopsis

The remote host contains an application that is prone to a denial of service attack.

Description

The remote host is running Openfire / Wildfire, an instant messaging server that supports the XMPP protocol. According to its version, the installation of Openfire or Wildfire on the remote host suffers from an unspecified denial of service vulnerability that could bring the server down.

Solution

Upgrade to version 3.5.0 or higher.

See Also

http://www.openwall.com/lists/oss-security/2008/04/10/7

http://www.igniterealtime.org/issues/browse/JM-1289

Plugin Details

Severity: Low

ID: 4463

File Name: 4463.prm

Family: CGI

Published: 2008/04/14

Modified: 2016/02/05

Nessus ID: 31855

Risk Information

Risk Factor: Low

CVSSv2

Base Score: 2.6

Temporal Score: 1.9

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 3.6

Temporal Score: 3.1

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Reference Information

CVE: CVE-2008-1728

BID: 28722