*** This bug is a security vulnerability *** Public security bug reported:
Binary package hint: ejabberd >From http://www.debian.org/security/2011/dsa-2248 > Wouter Coekaerts discovered that ejabberd, a distributed XMPP/Jabber server > written in Erlang, is vulnerable to the so-called "billion laughs" attack > because it does not prevent entity expansion on received data. > This allows an attacker to perform denial of service attacks against the > service by sending specially crafted XML data to it. ** Affects: ejabberd (Ubuntu) Importance: Undecided Status: New ** Visibility changed to: Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/791730 Title: CVE-2011-1753: billion laughs DoS vulnerability -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
