Vulnerabilities > CVE-2011-1755 - XML Entity Expansion vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family MacOS X Local Security Checks NASL id MACOSX_10_7_2.NASL description The remote host is running a version of Mac OS X 10.7.x that is prior to 10.7.2. This version contains numerous security-related fixes for the following components : - Apache - Application Firewall - ATS - BIND - Certificate Trust Policy - CFNetwork - CoreMedia - CoreProcesses - CoreStorage - File Systems - iChat Server - Kernel - libsecurity - Open Directory - PHP - python - QuickTime - SMB File Server - X11 last seen 2020-06-01 modified 2020-06-02 plugin id 56480 published 2011-10-13 reporter This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/56480 title Mac OS X 10.7.x < 10.7.2 Multiple Vulnerabilities NASL family Fedora Local Security Checks NASL id FEDORA_2011-7818.NASL description This update fixes an important security issue (CVE-2011-1755), for more information, please see https://bugzilla.redhat.com/show_bug.cgi?id=700390. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 55150 published 2011-06-16 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/55150 title Fedora 13 : jabberd-2.2.11-4.fc13 (2011-7818) NASL family Fedora Local Security Checks NASL id FEDORA_2011-7801.NASL description This update fixes an important security issue (CVE-2011-1755), for more information, please see https://bugzilla.redhat.com/show_bug.cgi?id=700390. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 55059 published 2011-06-12 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/55059 title Fedora 15 : jabberd-2.2.14-1.fc15 (2011-7801) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2011-0882.NASL description An updated jabberd package that fixes one security issue is now available for Red Hat Network Satellite 5.4.1 for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. This package provides jabberd 2, an Extensible Messaging and Presence Protocol (XMPP) server used for XML based communication. It was found that the jabberd daemon did not properly detect recursion during entity expansion. A remote attacker could provide a specially crafted XML file containing a large number of nested entity references, which once processed by the jabberd daemon, could lead to a denial of service (excessive memory and CPU consumption). (CVE-2011-1755) Red Hat would like to thank Nico Golde of the Debian Security Team for reporting this issue. The Debian Security Team acknowledges Wouter Coekaerts as the original reporter. Users of Red Hat Network Satellite 5.4.1 are advised to upgrade to this updated jabberd package, which resolves this issue. For this update to take effect, Red Hat Network Satellite must be restarted. Refer to the Solution section for details. last seen 2020-06-01 modified 2020-06-02 plugin id 63985 published 2013-01-24 reporter This script is Copyright (C) 2013-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/63985 title RHEL 5 : jabberd (RHSA-2011:0882) NASL family MacOS X Local Security Checks NASL id MACOSX_SECUPD2011-006.NASL description The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2011-006 applied. This update contains numerous security-related fixes for the following components : - Apache - Application Firewall - ATS - BIND - Certificate Trust Policy - CFNetwork - CoreFoundation - CoreMedia - File Systems - IOGraphics - iChat Server - Mailman - MediaKit - PHP - postfix - python - QuickTime - Tomcat - User Documentation - Web Server - X11 last seen 2020-06-01 modified 2020-06-02 plugin id 56481 published 2011-10-13 reporter This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/56481 title Mac OS X Multiple Vulnerabilities (Security Update 2011-006) NASL family Fedora Local Security Checks NASL id FEDORA_2011-7805.NASL description This update fixes an important security issue (CVE-2011-1755), for more information, please see https://bugzilla.redhat.com/show_bug.cgi?id=700390. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 55149 published 2011-06-16 reporter This script is Copyright (C) 2011-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/55149 title Fedora 14 : jabberd-2.2.14-1.fc14 (2011-7805) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2011-0881.NASL description An updated jabberd package that fixes one security issue is now available for Red Hat Network Proxy 5.4.1 for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. This package provides jabberd 2, an Extensible Messaging and Presence Protocol (XMPP) server used for XML based communication. It was found that the jabberd daemon did not properly detect recursion during entity expansion. A remote attacker could provide a specially crafted XML file containing a large number of nested entity references, which once processed by the jabberd daemon, could lead to a denial of service (excessive memory and CPU consumption). (CVE-2011-1755) Red Hat would like to thank Nico Golde of the Debian Security Team for reporting this issue. The Debian Security Team acknowledges Wouter Coekaerts as the original reporter. Users of Red Hat Network Proxy 5.4.1 are advised to upgrade to this updated jabberd package, which resolves this issue. For this update to take effect, Red Hat Network Proxy must be restarted. Refer to the Solution section for details. last seen 2020-06-01 modified 2020-06-02 plugin id 63984 published 2013-01-24 reporter This script is Copyright (C) 2013-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/63984 title RHEL 5 : jabberd (RHSA-2011:0881)
Redhat
| advisories |
| ||||||||
| rpms |
|
References
- http://secunia.com/advisories/44787
- http://codex.xiaoka.com/svn/jabberd2/tags/jabberd-2.2.14/ChangeLog
- https://bugzilla.redhat.com/show_bug.cgi?id=700390
- http://www.securityfocus.com/bid/48250
- http://www.redhat.com/support/errata/RHSA-2011-0882.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061482.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061341.html
- http://www.redhat.com/support/errata/RHSA-2011-0881.html
- http://secunia.com/advisories/44957
- https://hermes.opensuse.org/messages/9197650
- http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061458.html
- http://secunia.com/advisories/45112
- http://support.apple.com/kb/HT5002
- http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/67770
- http://www.mail-archive.com/jabberd2%40lists.xiaoka.com/msg01655.html