Bug 755551 (CVE-2011-4320) - CVE-2011-4320 ejabberd (mod_pubsub): DoS (infinite loop, excessive CPU consumption) by processing malformed <publish> stanza
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2011-4320
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 755556 755557 755558
Blocks:
Reported: 2011-11-21 13:19 UTC by Jan Lieskovsky
Modified: 2021-10-19 21:50 UTC (History)
3 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-10-19 21:50:56 UTC
Embargoed:



Description Jan Lieskovsky 2011-11-21 13:19:58 UTC
A denial of service flaw was found in the way the PubSub extension of ejabberd, a distributed, fault-tolerant Jabber/XMPP server, processed certain malformed <publish/> stanzas. A remote attacker (an authenticated Jabber user) could send a specially crafted request to the Jabber server, causing the ejabberd daemon to enter an infinite loop and consume an excessive amount of CPU while processing the stanza.

References:
[1] http://www.ejabberd.im/ejabberd-2.1.9

Upstream bug report:
[2] https://support.process-one.net/browse/EJAB-1498

Relevant upstream commits:
[3] https://git.process-one.net/ejabberd/mainline/commit/d3c4eab46f3cd54f7686cfed740d9c130b6801cf
    (original fix to correct the EJAB-1498 issue),
[4] https://git.process-one.net/ejabberd/mainline/commit/fa08db7091f5ba904f337e30ec7c9a46857eb36d
    (correction of broken PEP upon [3] commit)

Comment 1 Jan Lieskovsky 2011-11-21 13:23:01 UTC
This issue affects the versions of the ejabberd package as shipped with the Fedora EPEL 5 and Fedora EPEL 6 releases. Please schedule an update.

--

This issue affects the versions of the ejabberd package as shipped with Fedora releases 14, 15, and 16. Please schedule an update.

Comment 2 Jan Lieskovsky 2011-11-21 13:26:23 UTC
Created ejabberd tracking bugs for this issue

Affects: epel-5 [bug 755556]
Affects: epel-6 [bug 755557]
Affects: fedora-all [bug 755558]

Comment 3 Jan Lieskovsky 2011-11-21 13:32:20 UTC
CVE assignment:
[5] http://www.openwall.com/lists/oss-security/2011/11/19/2

Comment 4 Peter Lemenkov 2011-11-22 07:53:11 UTC
Sorry for the hiatus, folks.

I'm working on packaging 2.1.9 right now. The only issue I need to resolve is that ejabberd in Fedora is shipped with a custom module for GSSAPI support - I'm working on rebasing it on top of the 2.1.9 tag (I plan to finish it in a couple of hours).

Also I plan to tightly integrate it with systemd, so expect update tomorrow morning (~ 08.00 UTC).

Comment 5 Peter Lemenkov 2011-11-22 13:08:01 UTC
Ok, I added first two builds for F-15 and F-16 (no builds for F-14 - sorry for that). Will add EL-[56] builds later.

Comment 6 Peter Lemenkov 2012-05-06 13:27:23 UTC
This was fixed a long time ago. Can we just close this now?
