qpid is vulnerable to denial of service (DoS) attacks. The vulnerability exists as Apache Qpid 0.17 and earlier does not properly restrict incoming client connections, which allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.
rhn.redhat.com/errata/RHSA-2012-1269.html
rhn.redhat.com/errata/RHSA-2012-1277.html
secunia.com/advisories/50573
secunia.com/advisories/50698
secunia.com/advisories/50699
www.securityfocus.com/bid/55608
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=817175
bugzilla.redhat.com/show_bug.cgi?id=840053
exchange.xforce.ibmcloud.com/vulnerabilities/78730
issues.apache.org/jira/browse/QPID-2616
issues.apache.org/jira/browse/QPID-4021
rhn.redhat.com/errata/RHSA-2012-1269.html