mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-31 05:59:18 +02:00
776 B
776 B
CVE-2014-2745
Description
Prosody before 0.9.4 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack, related to core/portmanager.lua and util/xmppstream.lua.
POC
Reference
No PoCs from references.