UBUNTU-CVE-2010-0305

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2010-0305

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2010/UBUNTU-CVE-2010-0305.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2010-0305

Upstream

CVE-2010-0305

Withdrawn

2025-07-18T16:42:39Z

Published

2010-02-03T19:30:00Z

Modified

2025-07-16T07:30:39.289240Z

Severity

Ubuntu - medium

Summary

[none]

Details

ejabberd_c2s.erl in ejabberd before 2.1.3 allows remote attackers to cause a denial of service (daemon crash) via a large number of c2s (aka client2server) messages that trigger a queue overload.

References

Affected packages

Ubuntu:14.04:LTS / ejabberd

Package

Name: ejabberd
Purl: pkg:deb/ubuntu/ejabberd@2.1.11-1ubuntu2.1?arch=source&distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.1.11-1ubuntu2.1

Affected versions

2.*

2.1.10-5ubuntu1

2.1.11-1

2.1.11-1ubuntu1

2.1.11-1ubuntu2

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "ejabberd",
            "binary_version": "2.1.11-1ubuntu2.1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2010/UBUNTU-CVE-2010-0305.json"

Ubuntu:16.04:LTS / ejabberd

Package

Name: ejabberd
Purl: pkg:deb/ubuntu/ejabberd@16.01-2?arch=source&distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

16.01-2

Affected versions

15.*

15.03-2

15.10-3

16.*

16.01-1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "ejabberd",
            "binary_version": "16.01-2"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2010/UBUNTU-CVE-2010-0305.json"

Ubuntu:18.04:LTS / ejabberd

Package

Name: ejabberd
Purl: pkg:deb/ubuntu/ejabberd@18.01-2?arch=source&distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

18.01-2

Affected versions

17.*

17.07-1

17.08-3

17.11-1

18.*

18.01-1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "ejabberd",
            "binary_version": "18.01-2"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2010/UBUNTU-CVE-2010-0305.json"