6 matches found
K23675185: Apache Qpid vulnerabilities CVE-2016-3094 and CVE-2016-4432
Security Advisory Description CVE-2016-3094 PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service broker termination via a crafted authentication attempt, which triggers an uncaught...
com.confluex:qpid-in-a-can (=0.2.0), com.dell.cpsd.common.messaging:common-testing (=1.5.0) +23 more potentially affected by CVE-2016-4432 via org.apache.qpid:qpid-broker-plugins-amqp-1-0-protocol (>=0.24 <=6.0.2)
org.apache.qpid:qpid-broker-plugins-amqp-1-0-protocol MAVEN version =0.24, =2.0.0, =1.0.0, =0.1, =0.1, =10.0.0, =0.24, =10.0.0, =10.0.1 and more Source cves: CVE-2016-4432 Source advisory: OSV:GHSA-Q66C-H853-GQW2...
SOL23675185 - Apache Qpid vulnerabilities CVE-2016-3094 and CVE-2016-4432
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
CVE-2016-4432
The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging...
CVE-2016-4432
The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging...
CVE-2016-4432
CVE-2016-4432 affects Apache Qpid Java broker before 6.0.3. The AMQP 0-8/0-9/0-91/0-10 connection handling could allow remote attackers to bypass authentication and perform actions via vectors related to connection state logging. The connected documents corroborate the vulnerability in the Java b...