FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

jabberd -- remote buffer overflow vulnerability

Affected packages
2.* <= jabberd <= 2.0.4

Details

VuXML ID 553224e7-4325-11d9-a3d5-000c6e8f12ef
Discovery 2004-11-24
Entry 2004-11-30

Caused by improper bounds-checking of username and password in the C2S module, it is possible for an attacker to cause a remote buffer overflow. The server directly handles the userinput with SQL backend functions - malicious input may lead to buffer overflow.

References

Message 41A3FEE1.5030701@0x557.org