XMMP/Jabber clients DoS vulnerability report
Justin Karneges
justin at affinix.com
Mon Jan 25 14:33:45 EST 2010
On Saturday 23 January 2010 05:07:52 Andrea Barisani wrote:
> Hi everyone,
>
> oCERT recently received a report about a DoS condition in Pidgin and Psi,
> other XMMP clients might be affected (libpurple and libiris ones most
> likely).
>
> The sample message attached to this email causes, according to the
> reporter, 100% CPU load, the message can be sent by non-buddies as just the
> target jid is sufficient.
>
> Can you confirm the issue?
Thanks for the report, Andrea. We are looking into a solution.
-Justin
More information about the security
mailing list