6 matches found
MiracleLinux 8 : librabbitmq-0.9.0-2.el8 (AXSA:2021-1184:01)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1184:01 advisory. librabbitmq: integer overflow in amqphandleinput in amqpconnection.c leads to heap-based buffer overflow CVE-2019-18609 Tenable has extracted the preceding...
The vulnerability of the amqp_handle_input function in the amqp_connection.c component of the RabbitMQ messaging broker allows a attacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the amqphandleinput function in the amqpconnection.c component of the RabbitMQ messaging broker is related to the lack of checks on the frame size. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause...
librabbitmq: integer overflow in amqp_handle_input in amqp_connection.c leads to heap-based buffer overflow
An issue was discovered in amqphandleinput in amqpconnection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTIONSTATEHEADER. A rogue server could return a malicious frame header that leads to a smaller targetsize value than needed...
librabbitmq: integer overflow in amqp_handle_input in amqp_connection.c leads to heap-based buffer overflow
An issue was discovered in amqphandleinput in amqpconnection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTIONSTATEHEADER. A rogue server could return a malicious frame header that leads to a smaller targetsize value than needed...
rabbitmq-c integer overflow vulnerability
RabbitMQ is an open source implementation of AMQP written on the server side in the Erlang language that supports a variety of clients for storing and forwarding messages in a distributed system. rabbitmq-c is the RabbitMQ C client. An integer overflow vulnerability exists in amqphandleinput in...
UBUNTU-CVE-2019-18609
An issue was discovered in amqphandleinput in amqpconnection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTIONSTATEHEADER. A rogue server could return a malicious frame header that leads to a smaller targetsize value than needed...