FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

jabberd -- 3 buffer overflows

Affected packages
jabberd < 2.0.9

Details

VuXML ID 55041d37-ff62-11d9-a9a5-000ae4641456
Discovery 2005-07-25
Entry 2005-07-30

There are 3 buffer overflows in jid.c that are triggered during parsing of JID strings when components (user, host or resource) are too long.

  1. jid.c, line 103: overflow in `str' buffer through strcpy() when "user" part is too long.
  2. jid.c, line 115: overflow in `str' buffer through strcpy() when "host" part is too long.
  3. jid.c, line 127: overflow in `str' buffer through strcpy() when "resource" part is too long.

These overflows can be used to perform a DoS attack on the server (sm process segfaults) and can possible be used for arbitrary code execution.

References

URL http://j2.openaether.org/bugzilla/show_bug.cgi?id=99