538 matches found
CVE-2014-0212
qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all available file descriptors...
UBUNTU-CVE-2014-0212
qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all available file descriptors...
CVE-2014-0212
qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all available file descriptors...
CVE-2014-0212
CVE-2014-0212 concerns qpid-cpp: ACL policies are only loaded when the acl-file option is specified, which can enable a Denial of Service by exhausting all available file descriptors. The connected documents confirm the root cause is loading/processing ACL policies contingent on a missing/omitted...
CVE-2014-0212
qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all available file descriptors...
qpid-proton: TLS Man in the Middle Vulnerability
A cryptographic weakness was discovered in qpid-proton's use of TLS. If the qpid-proton client was used without client certificates, it would accept an anonymous cipher offered by the server. A man-in-the-middle attacker could use this to silently intercept traffic that should have been encrypted...
CVE-2009-5004
qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use...
CVE-2009-5004
qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use...
CVE-2009-5004
qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use...
Code injection
qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use...
CVE-2009-5004
qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use...
CVE-2009-5004
CVE-2009-5004 : In qpid-cpp 1.0, a crash occurs when a large message is sent while the Digest-MD5 mechanism with a security layer is in use. This is the only concrete detail available in the provided docs; no exploitation, mitigation, or affected version ranges are specified beyond this descripti...
Unspecified vulnerability in Qpid C++
Qpid C++ is a message-oriented middleware message broker program written in C++ by the Apache Software Foundation. A security vulnerability exists in Qpid C++ version 1.0. An attacker could exploit this vulnerability to cause the program to crash...
RHEL 5 / 6 / 7 : qpid-proton (RHSA-2019:2781)
The remote Redhat Enterprise Linux 5 / 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2781 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...
RHEL 5 / 6 / 7 : qpid-proton (RHSA-2019:2782)
The remote Redhat Enterprise Linux 5 / 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2782 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...
Important: Red Hat Security Advisory: qpid-proton security update
An update for qpid-proton is now available for Satellite Tools 6.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
qpid-proton: TLS Man in the Middle Vulnerability
A cryptographic weakness was discovered in qpid-proton's use of TLS. If the qpid-proton client was used without client certificates, it would accept an anonymous cipher offered by the server. A man-in-the-middle attacker could use this to silently intercept traffic that should have been encrypted...
qpid-proton: TLS Man in the Middle Vulnerability
A cryptographic weakness was discovered in qpid-proton's use of TLS. If the qpid-proton client was used without client certificates, it would accept an anonymous cipher offered by the server. A man-in-the-middle attacker could use this to silently intercept traffic that should have been encrypted...
Important: Red Hat Security Advisory: qpid-proton security update
An update for qpid-proton is now available for Satellite Tools 6.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
RHEL 5 / 6 / 7 / 8 : qpid-proton (RHSA-2019:2780)
The remote Redhat Enterprise Linux 5 / 6 / 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2780 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity...