16 matches found
EUVD-2018-0658
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-3094
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of...
K23675185: Apache Qpid vulnerabilities CVE-2016-3094 and CVE-2016-4432
Security Advisory Description CVE-2016-3094 PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service broker termination via a crafted authentication attempt, which triggers an uncaught...
GHSA-Q66C-H853-GQW2 AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication
The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging...
CVE-2016-4432
The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging...
CVE-2016-3094
PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service broker termination via a crafted authentication attempt, which triggers an uncaught exception...
UBUNTU-CVE-2016-3094
PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service broker termination via a crafted authentication attempt, which triggers an uncaught exception...
CVE-2016-3094
PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service broker termination via a crafted authentication attempt, which triggers an uncaught exception...
Code injection
PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service broker termination via a crafted authentication attempt, which triggers an uncaught exception...
UBUNTU-CVE-2016-4432
The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging...
CVE-2016-3094
PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service broker termination via a crafted authentication attempt, which triggers an uncaught exception...
CVE-2016-4432
CVE-2016-4432 affects Apache Qpid Java broker before 6.0.3. The AMQP 0-8/0-9/0-91/0-10 connection handling could allow remote attackers to bypass authentication and perform actions via vectors related to connection state logging. The connected documents corroborate the vulnerability in the Java b...
PT-2016-5956 · Apache · Apache Qpid Java
Name of the Vulnerable Software and Affected Versions: Apache Qpid Java versions prior to 6.0.3 Description: The issue concerns the AMQP 0-8, 0-9, 0-91, and 0-10 connection handling, which might allow remote attackers to bypass authentication. This could enable attackers to perform actions via...
PT-2016-5366 · Apache · Apache Qpid Java
Name of the Vulnerable Software and Affected Versions: Apache Qpid Java versions prior to 6.0.3 Description: The issue allows remote attackers to cause a denial of service, leading to broker termination, via a crafted authentication attempt. This occurs when the broker is configured to allow...
CVE-2016-4432
The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging. Mitigation If upgrading is not possible, the vulnerability can be mitigate...
CVE-2016-3094
PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service broker termination via a crafted authentication attempt, which triggers an uncaught exception...