PT-2008-3269 · Ignite Realtime · Openfire

Robert Buchholz · Published 2008-04-11 · Updated 2022-05-01 · CVE-2008-1728

CVSS v2.0: 4.0 (Medium)

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Openfire version 3.4.5

Description

The issue allows remote authenticated users to cause a denial of service, resulting in a daemon outage. This is achieved by triggering large outgoing queues without reading messages, specifically in the ConnectionManagerImpl.java component.

Recommendations

For Openfire version 3.4.5, consider restricting access to the ConnectionManagerImpl.java component to minimize the risk of exploitation until a patch is available. As a temporary workaround, monitor and limit the size of outgoing queues to prevent daemon outages.

Fix


Weakness Enumeration

Related Identifiers

CVE-2008-1728
GHSA-X337-43MR-GG3H

Affected Products

Openfire