apache qpid is vulnerable to denial of service. A flaw was found in the way Apache Qpid handled a request to redeclare an existing exchange while adding a new alternate exchange. If a remote, authenticated user issued such a request, the server would crash, resulting in the cluster shutting down.
docs.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/1/html/Technical_Notes/index.html
secunia.com/advisories/41710
secunia.com/advisories/41812
svn.apache.org/viewvc?revision=811188&view=revision
www.redhat.com/security/updates/classification/#moderate
www.vupen.com/english/advisories/2010/2684
access.redhat.com/errata/RHSA-2010:0773
bugzilla.redhat.com/show_bug.cgi?id=642377
issues.apache.org/jira/browse/QPID-2080
rhn.redhat.com/errata/RHSA-2010-0773.html
rhn.redhat.com/errata/RHSA-2010-0774.html