Family: Denial of Service --> Category: denial
Jabberd SASL Negotiation Denial of Service Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Tries to crash jabberd c2s component
Detailed Explanation for this Vulnerability Test
The remote instant messaging server is affected by a denial of service
The remote host is running jabberd, an open-source messaging system
based on the Jabber protocol.
The version of jabberd installed on the remote host suffers a segfault
when a client sends a SASL 'response' stanza before a SASL 'auth'
stanza. An unauthenticated remote attacker can leverage this flaw to
crash the application's c2s component, thereby denying service to
See also :
Upgrade to jabberd 2s11 or later.
Low / CVSS Base Score : 2.3
Click HERE for more information and discussions on this network vulnerability scan.