Bug 755551 - (CVE-2011-4320) CVE-2011-4320 ejabberd (mod_pubsub): DoS (infinite loop, excessive CPU consumption) by processing malformed <publish> stanza
CVE-2011-4320 ejabberd (mod_pubsub): DoS (infinite loop, excessive CPU consum...
Status: NEW
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20110921,repor...
: Security
Depends On: 755556 755557 755558
Blocks:
  Show dependency treegraph
 
Reported: 2011-11-21 08:19 EST by Jan Lieskovsky
Modified: 2016-03-04 05:44 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Jan Lieskovsky 2011-11-21 08:19:58 EST
A denial of service flaw was found in the way PubSub extension of the ejabberd, a distributed, fault-tolerant Jabber/XMPP server, performed processing of certain, malformed <publish/> stanzas. A remote attacker, authenticated Jabber user, could send a specially-crafted request to Jabber server, leading to the jabberd daemon to enter an infinite loop and consume excessive amount of CPU, while processing the stanza.

References:
[1] http://www.ejabberd.im/ejabberd-2.1.9

Upstream bug report:
[2] https://support.process-one.net/browse/EJAB-1498

Relevant upstream commits:
[3] https://git.process-one.net/ejabberd/mainline/commit/d3c4eab46f3cd54f7686cfed740d9c130b6801cf
    (original fix to correct the EJAB-1498 issue),
[4] https://git.process-one.net/ejabberd/mainline/commit/fa08db7091f5ba904f337e30ec7c9a46857eb36d
    (correction of broken PEP upon [3] commit)
Comment 1 Jan Lieskovsky 2011-11-21 08:23:01 EST
This issue affects the versions of the ejabberd package, as shipped with Fedora EPEL 5 and Fedora EPEL 6 releases. Please schedule an update.

--

This issue affects the versions of the ejabberd package, as shipped with Fedora release of 14, 15, and 16. Please schedule an update.
Comment 2 Jan Lieskovsky 2011-11-21 08:26:23 EST
Created ejabberd tracking bugs for this issue

Affects: epel-5 [bug 755556]
Affects: epel-6 [bug 755557]
Affects: fedora-all [bug 755558]
Comment 3 Jan Lieskovsky 2011-11-21 08:32:20 EST
CVE assignment:
[5] http://www.openwall.com/lists/oss-security/2011/11/19/2
Comment 4 Peter Lemenkov 2011-11-22 02:53:11 EST
Sorry for the hiatus, folks.

I'm working on packaging 2.1.9 right now. The only issue I need to resolve is that ejabberd in Fedora is shipped with custom module for GSSAPI support - I'm working on rebasing it on top of 2.1.9 tag (I plan to finish it in a couple of hours).

Also I plan to tightly integrate it with systemd, so expect update tomorrow morning (~ 08.00 UTC).
Comment 5 Peter Lemenkov 2011-11-22 08:08:01 EST
Ok, I added first two builds for F-15 and F-16 (no builds for F-14 - sorry for that). Will add EL-[56] builds later.
Comment 6 Peter Lemenkov 2012-05-06 09:27:23 EDT
This was fixed long time ago. Can we just close this now?

Note You need to log in before you can comment on or make changes to this bug.