Fwd: Instant disconnect vulnerability
cory at cpanel.net
Sun Aug 15 12:22:43 EDT 2010
On Sun, 15 Aug 2010 10:47:40 -0400
John Bailey <rekkanoryo at rekkanoryo.org> wrote:
> On 08/15/2010 03:27 AM, Mark Doliner wrote:
> > I don't think I've been able to reproduce this problem, but maybe I
> > don't understand it correctly.
> > Cory: So you're saying that if a user sends that character to a chat
> > room, then any Pidgin user in the chat room will get disconnected by
> > the jabber server?
> If the server is stupid and allows passing the invalid characters, yes. This
> means pretty much every openfire server ever to exist.
Just to clarify, we are running an Openfire server in our environment.
Cory McIntire <cory at cpanel.net>
More information about the security