1. CVE-Search
  2. CVE-2008-1728
ID CVE-2008-1728
Summary ConnectionManagerImpl.java in Ignite Realtime Openfire 3.4.5 allows remote authenticated users to cause a denial of service (daemon outage) by triggering large outgoing queues without reading messages.
References
Vulnerable Configurations
  • cpe:2.3:a:ignite_realtime:openfire:3.4.5:*:*:*:*:*:*:*
    cpe:2.3:a:ignite_realtime:openfire:3.4.5:*:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 08-08-2017 - 01:30)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:S/C:N/I:N/A:P
refmap via4
bid 28722
confirm
gentoo GLSA-200804-26
misc http://www.igniterealtime.org/fisheye/changelog/svn-org?cs=10031
mlist [oss-security] 20080411 CVE request: openfire <3.5.0 Denial of Service
secunia
  • 29751
  • 29901
vupen ADV-2008-1188
xf openfire-connectionmanagerImpljava-dos(41744)
Last major update 08-08-2017 - 01:30
Published 11-04-2008 - 19:05
Last modified 08-08-2017 - 01:30
Back to Top