7 matches found
[SECURITY] Fedora 22 Update: springframework-amqp-1.3.9-4.fc22
The Spring AMQP project applies core Spring concepts to the development of AMQP-based messaging solutions. It provides a "template" as a high-level abstraction for sending and receiving messages. It also provides support for Message driven POJOs with a "listener container". These libraries...
RHEL 5 : qpid-cpp (RHSA-2015:0662)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:0662 advisory. Red Hat Enterprise MRG Messaging, Realtime, and Grid is a next-generation IT infrastructure for enterprise computing. MRG offers increased...
Moderate: Red Hat Security Advisory: qpid-cpp security and bug fix update
Updated qpid-cpp packages that fix multiple security issues and one bug are now available for Red Hat Enterprise MRG Messaging 2.5 for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base score...
Apache Qpid Security Bypass Vulnerability
Apache Qpid Open Source AMQP Messaging is a cross-platform enterprise communications solution that implements an advanced message queuing protocol . A security bypass vulnerability exists in Apache Qpid due to the program failing to adequately process user-supplied input. An attacker could use th...
CVE-2014-2814
CVE-2014-2814 affects Microsoft Service Bus 1.1 on Windows Server 2008 R2 SP1 and Server 2012 (Gold/R2). The vulnerability allows remote authenticated attackers to cause a denial-of-service (AMQP messaging outage) by sending specially crafted AMQP messages. CVSS v2 base score 4.0 (NETWORK, LOW co...
Apache QPID NullAuthenticator验证绕过漏洞
Bugtraq ID:54954 CVE ID:CVE-2012-3467 Apache Qpid Open Source AMQP Messaging是一个跨平台的企业通讯解决方案,实现了高级消息队列协议。 Apache Qpid C++库实现存在安全缺陷,允许在影子链接shadow connections中使用NullAuthenticator机制进行验证,导致AMQP客户端应用绕过验证访问broker。 0 bitcoind/Bitcoin-Qt 0.3.11之前版本 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息:...
Apache Qpid非法访问安全限制绕过漏洞
BUGTRAQ ID: 53305 CVE ID: CVE-2011-3620 Apache Qpid(Open Source AMQP Messaging)是一个跨平台的企业通讯解决方案,实现了高级消息队列协议。 Apache Qpid 0.12在通过群集用户名连接群集时没有验证SASL证书的密码,可通过恶意的代理非法访问群集。 0 Apache Group Qpid 0.x 厂商补丁: Apache Group ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://httpd.apache.org/...