Bug 700454 - (CVE-2011-1753) CVE-2011-1753 ejabberd: DoS via the XML "billion laughs attack"
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All Linux
Priority: low, Severity: low
Assigned To: Red Hat Product Security
public=20110531,reported=20110427,sou...
Keywords: Security
Blocks: 734554
Reported: 2011-04-28 08:52 EDT by Jan Lieskovsky
Modified: 2013-04-15 11:00 EDT (History)
Doc Type: Bug Fix
Last Closed: 2013-04-15 11:00:56 EDT
Description Jan Lieskovsky 2011-04-28 08:52:42 EDT
ejabberd, when expat is used, does not properly detect recursion
during entity expansion, which allows context-dependent attackers
to cause a denial of service (memory and CPU consumption) via a
crafted XML document containing a large number of nested entity
references, aka the "billion laughs attack." 

References:
[1] http://en.wikipedia.org/wiki/Billion_laughs
[2] http://www.ibm.com/developerworks/xml/library/x-tipcfsx/
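A pre-parse check for the condition described above, as an added example that is not part of the original report and is not ejabberd's fix: it computes how large each declared entity would become by arithmetic instead of expanding it, and rejects recursive definitions. The names `expanded_sizes`, `EntityBomb`, `limit` and `max_entities` are hypothetical, the budget values are assumptions, and the sample document is constructed.

```python
import re

# Internal general entity declarations: <!ENTITY name "value">
ENTITY_DECL = re.compile(r'<!ENTITY\s+([\w.:-]+)\s+(["\'])(.*?)\2\s*>', re.S)
ENTITY_REF = re.compile(r'&([\w.:-]+);')
PREDEFINED = {"lt", "gt", "amp", "apos", "quot"}

class EntityBomb(ValueError):
    """Raised when the declarations are recursive or expand past the budget."""

def expanded_sizes(xml_text, limit=100_000, max_entities=500):
    """Return {entity: expanded length}, computed by arithmetic, never by expanding."""
    decls = {}
    for name, _quote, value in ENTITY_DECL.findall(xml_text):
        decls.setdefault(name, value)          # XML rule: the first declaration wins
    if len(decls) > max_entities:
        raise EntityBomb(f"more than {max_entities} entity declarations")
    sizes = {}

    def size(name, stack):
        if name in PREDEFINED:
            return 1
        if name in sizes:
            return sizes[name]
        if name not in decls:
            return 0                           # undeclared: the real parser rejects it
        if name in stack:
            raise EntityBomb("recursive entity: " + " -> ".join(stack + (name,)))
        value = decls[name]
        total = len(ENTITY_REF.sub("", value)) # literal text between references
        for ref in ENTITY_REF.findall(value):
            total += size(ref, stack + (name,))
            if total > limit:
                raise EntityBomb(f"entity {name!r} expands past {limit} characters")
        sizes[name] = total
        return total

    for name in decls:
        size(name, ())
    return sizes

# Constructed sample: three levels, ten references per level (2 -> 20 -> 200 chars).
SAMPLE = """<?xml version="1.0"?>
<!DOCTYPE stream [
  <!ENTITY a "ha">
  <!ENTITY b "&a;&a;&a;&a;&a;&a;&a;&a;&a;&a;">
  <!ENTITY c "&b;&b;&b;&b;&b;&b;&b;&b;&b;&b;">
]>
<stream>&c;</stream>"""
```

The check covers internal general entities only; parameter entities (`<!ENTITY % ...>`) and external entities are not matched and need their own handling.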
Comment 1 Jan Lieskovsky 2011-04-28 08:54:57 EDT
This issue affects the versions of the ejabberd package, as present
within the EPEL-5 and EPEL-6 repositories.

This issue affects the versions of the ejabberd package, as shipped
with Fedora releases 13 and 14.
Comment 4 Jan Lieskovsky 2011-04-28 09:09:51 EDT
The CVE identifier of CVE-2011-1753 has been assigned to this issue.
Comment 5 Tomas Hoger 2011-06-03 10:48:13 EDT
Public now via:
  http://www.ejabberd.im/ejabberd-2.1.7
Comment 6 Jan Lieskovsky 2011-06-03 10:53:10 EDT
The fix for this issue has already been included in the following updates:
1) ejabberd-2.1.8-1.el6 for EPEL-6,
2) ejabberd-2.1.8-1.el5 for EPEL-5,
3) ejabberd-2.1.8-1.fc15 for Fedora-15 and finally
4) ejabberd-2.1.8-1.fc14 for Fedora-14.
Comment 7 Peter Lemenkov 2011-06-03 11:03:03 EDT
(In reply to comment #6)
> The fix for this issue has been already included in the following updates:
> 1) ejabberd-2.1.8-1.el6 for EPEL-6,
> 2) ejabberd-2.1.8-1.el5 for EPEL-5,
> 3) ejabberd-2.1.8-1.fc15 for Fedora-15 and finally
> 4) ejabberd-2.1.8-1.fc14 for Fedora-14.

Note - I don't plan to update F-13 (it will be obsoleted very soon so why bother).
