Lucene search

PRIOn knowledge basePRION:CVE-2012-2145

HistorySep 28, 2012 - 3:55 p.m.

Design/Logic Flaw

2012-09-2815:55:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.5%

JSON

Apache Qpid 0.17 and earlier does not properly restrict incoming client connections, which allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.

CPENameOperatorVersion
qpideq0.14
qpideq0.7
qpideq0.10
qpideq0.9
qpideq0.6
qpideq0.12
qpideq0.16
qpidle0.17
qpideq0.8

Name	Operator	Version
qpid	eq	0.14
qpid	eq	0.7
qpid	eq	0.10
qpid	eq	0.9
qpid	eq	0.6
qpid	eq	0.12
qpid	eq	0.16
qpid	le	0.17
qpid	eq	0.8

References

rhn.redhat.com/errata/RHSA-2012-1269.html

rhn.redhat.com/errata/RHSA-2012-1277.html

secunia.com/advisories/50573

secunia.com/advisories/50698

secunia.com/advisories/50699

www.securityfocus.com/bid/55608

bugzilla.redhat.com/show_bug.cgi?id=817175

exchange.xforce.ibmcloud.com/vulnerabilities/78730

issues.apache.org/jira/browse/QPID-2616

issues.apache.org/jira/browse/QPID-4021