Описание
Apache Qpid 0.17 and earlier does not properly restrict incoming client connections, which allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise MRG 1 | qpid-cpp | Will not fix | ||
| MRG for RHEL-5 v. 2 | mrg-release | Fixed | RHSA-2012:1277 | 19.09.2012 |
| MRG for RHEL-5 v. 2 | python-qpid | Fixed | RHSA-2012:1277 | 19.09.2012 |
| MRG for RHEL-5 v. 2 | qpid-cpp-mrg | Fixed | RHSA-2012:1277 | 19.09.2012 |
| MRG for RHEL-5 v. 2 | qpid-java | Fixed | RHSA-2012:1277 | 19.09.2012 |
| MRG for RHEL-5 v. 2 | qpid-jca | Fixed | RHSA-2012:1277 | 19.09.2012 |
| MRG for RHEL-5 v. 2 | qpid-qmf | Fixed | RHSA-2012:1277 | 19.09.2012 |
| MRG for RHEL-5 v. 2 | qpid-tools | Fixed | RHSA-2012:1277 | 19.09.2012 |
| Red Hat Enterprise Linux 6 | python-qpid | Fixed | RHSA-2012:1269 | 19.09.2012 |
| Red Hat Enterprise Linux 6 | qpid-cpp | Fixed | RHSA-2012:1269 | 19.09.2012 |
Показывать по
Дополнительная информация
Статус:
5 Medium
CVSS2
Связанные уязвимости
Apache Qpid 0.17 and earlier does not properly restrict incoming client connections, which allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.
Apache Qpid 0.17 and earlier does not properly restrict incoming client connections, which allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.
Apache Qpid 0.17 and earlier does not properly restrict incoming clien ...
Apache Qpid 0.17 and earlier does not properly restrict incoming client connections, which allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.
ELSA-2012-1269: qpid security, bug fix, and enhancement update (MODERATE)
5 Medium
CVSS2