2 matches found
Security Bulletin: Malformed client flows abend MQTT channel (CVE-2015-4943, CVE-2015-4941, CVE-2015-4942)
Summary A number of malformed MQTT client flows could be issued by a malicious user to cause the MQXR service to abend and require manual restart. Vulnerability Details CVEID: CVE-2015-4943 DESCRIPTION: IBM WebSphere MQ could allow a remote attacker to crash the MQXR service using a sequence of...
CVE-2015-4941
CVE-2015-4941 affects IBM WebSphere MQ Light 1.x before 1.0.2, where mishandling of abbreviated TLS handshakes can enable a remote attacker to crash the MQXR service (denial of service). IBM security bulletins corroborate affected products and versions (MQ Light V1.0 and V1.0.1) and describe the ...