Moderate severityNVD Advisory· Published Apr 11, 2008· Updated Apr 23, 2026
CVE-2008-1728
CVE-2008-1728
Description
ConnectionManagerImpl.java in Ignite Realtime Openfire 3.4.5 allows remote authenticated users to cause a denial of service (daemon outage) by triggering large outgoing queues without reading messages.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.igniterealtime.openfire:parentMaven | < 3.5.0 | 3.5.0 |
org.igniterealtime.openfire:openfireMaven | < 3.5.0 | 3.5.0 |
Affected products
1- cpe:2.3:a:ignite_realtime:openfire:3.4.5:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
16- secunia.com/advisories/29751nvdVendor Advisory
- secunia.com/advisories/29901nvdVendor Advisory
- www.igniterealtime.org/issues/browse/JM-1289nvdVendor AdvisoryWEB
- github.com/advisories/GHSA-x337-43mr-gg3hghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2008-1728ghsaADVISORY
- security.gentoo.org/glsa/glsa-200804-26.xmlnvdWEB
- www.igniterealtime.org/builds/openfire/docs/latest/changelog.htmlnvdWEB
- www.igniterealtime.org/fisheye/changelog/svn-orgnvdWEB
- www.openwall.com/lists/oss-security/2008/04/10/7nvdWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/41744nvdWEB
- github.com/igniterealtime/Openfire/commit/c9cd1e521673ef0cccb8795b78d3cbaefb8a576aghsaWEB
- web.archive.org/web/20080517012408/http://www.securityfocus.com/bid/28722ghsaWEB
- web.archive.org/web/20080628231441/http://secunia.com/advisories/29751ghsaWEB
- web.archive.org/web/20080724051528/http://secunia.com/advisories/29901ghsaWEB
- www.securityfocus.com/bid/28722nvd
- www.vupen.com/english/advisories/2008/1188/referencesnvd
News mentions
0No linked articles in our index yet.