CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
94.4%
ejabberd is the Erlang jabber daemon.
Multiple vulnerabilities have been discovered in ejabberd. Please review the CVE identifiers referenced below for details.
ejabberd allows remote attackers to cause a Denial of Service condition with the result of either crashing the daemon or the whole system by causing memory and CPU consumption.
There is no known workaround at this time.
All ejabberd users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-im/ejabberd-2.1.9"
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Gentoo | any | all | net-im/ejabberd | < 2.1.9 | UNKNOWN |