Executive Summary

Informations
Name CVE-2008-1728 First vendor Publication 2008-04-11
Vendor Cve Last vendor Modification 2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Cvss Base Score 4 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

ConnectionManagerImpl.java in Ignite Realtime Openfire 3.4.5 allows remote authenticated users to cause a denial of service (daemon outage) by triggering large outgoing queues without reading messages.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1728

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-399 Resource Management Errors

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1

OpenVAS Exploits

Date Description
2008-11-24 Name : FreeBSD Ports: openfire
File : nvt/freebsd_openfire0.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200804-26 (openfire)
File : nvt/glsa_200804_26.nasl
2008-09-04 Name : FreeBSD Ports: openfire
File : nvt/freebsd_openfire.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
44268 Ignite Realtime Openfire ConnectionManagerImpl.java Queue Handling Remote DoS

Nessus® Vulnerability Scanner

Date Description
2008-11-21 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_937adf01b64a11dda55e00163e000016.nasl - Type : ACT_GATHER_INFO
2008-04-28 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_b84a992a12ab11ddbab70016179b2dd5.nasl - Type : ACT_GATHER_INFO
2008-04-25 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200804-26.nasl - Type : ACT_GATHER_INFO
2008-04-11 Name : The remote host contains an application that is prone to a denial of service ...
File : openfire_3_5_0.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://secunia.com/advisories/29751
http://secunia.com/advisories/29901
http://security.gentoo.org/glsa/glsa-200804-26.xml
http://www.igniterealtime.org/builds/openfire/docs/latest/changelog.html
http://www.igniterealtime.org/fisheye/changelog/svn-org?cs=10031
http://www.igniterealtime.org/issues/browse/JM-1289
http://www.openwall.com/lists/oss-security/2008/04/10/7
http://www.securityfocus.com/bid/28722
http://www.vupen.com/english/advisories/2008/1188/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41744
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
Date Informations
2024-11-28 23:14:34
  • Multiple Updates
2024-11-28 12:15:23
  • Multiple Updates
2021-05-04 12:07:23
  • Multiple Updates
2021-04-22 01:07:47
  • Multiple Updates
2020-05-23 00:21:33
  • Multiple Updates
2017-08-08 09:24:00
  • Multiple Updates
2017-02-19 09:24:42
  • Multiple Updates
2016-11-19 09:23:44
  • Multiple Updates
2016-04-26 17:18:09
  • Multiple Updates
2014-02-17 10:44:37
  • Multiple Updates
2013-05-11 00:14:43
  • Multiple Updates