2 matches found
rabbitmq-server: "X-Reason" HTTP Header can be leveraged to insert a malicious string leading to DoS
A resource-consumption flaw was identified in the rabbitmq-server web management plugin. Utilizing a malicious 'X-Reason' HTTP header, a remote attacker could insert a malicious Erlang format string which will expand and consume heap memory, resulting in a crash. The highest threat from this...
Pivotal Software RabbitMQ Web Management Plugin Resource Management Error Vulnerability
Pivotal Software RabbitMQ is the United States Pivotal Software, Inc. of a set of implementation of the Advanced Message Queuing Protocol AMQP open source message broker software. A resource management error vulnerability exists in the Web Management Plugin in Pivotal Software RabbitMQ. An attack...