EUVD-2022-4777

Malicious code in bioql PyPI...

Apache QPID Allows Remote Authentication Bypass

Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication...

CVE-2012-3467

Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication...

CVE-2012-3467

Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication...

Authentication flaw

Apache QPID 0.14, 0.16, and earlier uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote attackers to bypass authentication...

CVE-2012-3467

The CVE-2012-3467 issue affects Apache Qpid (qpidd) before the fixed updates, where the NullAuthenticator used for catch-up shadow connections allowed remote authentication bypass. Affected: Qpid components handling AMQP broker clustering (qpidd, and related messaging cluster setup). Root cause: ...

Apache QPID NullAuthenticator验证绕过漏洞

Bugtraq ID:54954 CVE ID:CVE-2012-3467 Apache Qpid Open Source AMQP Messaging是一个跨平台的企业通讯解决方案，实现了高级消息队列协议。 Apache Qpid C++库实现存在安全缺陷，允许在影子链接shadow connections中使用NullAuthenticator机制进行验证，导致AMQP客户端应用绕过验证访问broker。 0 bitcoind/Bitcoin-Qt 0.3.11之前版本 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息：...