+severity normal thanks On Mon, 14 Jun 2010 08:40:15 +0100 Andrew Williams <a...@tensixtyone.com> wrote:
After consulting with one of upstream developers, it became clear this bug cannot be exploited from the outside and so it's not really that serious as it might sound because it does not introduce a vulnerability. To exploit this bug, a hostile party should convince the server administrator to misconfigure one or more of their xmpp components; clearly, such an attacker could as well convince her to run `rm -rf /` as root. (This text is also posted in the Ubuntu tracker as [1]). 1. https://bugs.launchpad.net/ubuntu/+source/ejabberd/+bug/596676/comments/5 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
