Improper Input Validation in org.apache.qpid:qpid-broker

PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service broker termination via a crafted authentication attempt, which triggers an uncaught exception...

Code injection

PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service broker termination via a crafted authentication attempt, which triggers an uncaught exception...

CVE-2016-3094

CVE-2016-3094 - Affected software and root cause: Apache Qpid Java broker prior to 6.0.3, when configured to allow plaintext passwords, is vulnerable via the PlainSaslServer.java authentication path. An attacker can trigger an uncaught exception through a crafted authentication attempt, leading t...

CVE-2016-3094

PlainSaslServer.java in Apache Qpid Java before 6.0.3, when the broker is configured to allow plaintext passwords, allows remote attackers to cause a denial of service broker termination via a crafted authentication attempt, which triggers an uncaught exception...