Info

Disclosure

May 25, 2012

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Apache Qpid contains a flaw that may allow a remote denial of service. The issue is triggered when the Qpid daemon (qpidd) fails to restrict the number of connections a client can open. This may allow a remote attacker to cause a loss of availability for the program via a saturation of connections.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability
Solution: Solution Unknown
Exploit: Exploit Unknown
Disclosure: Uncoordinated Disclosure

Solution

OSVDB is not aware of a solution for this vulnerability.

Products

The Apache Software Foundation

Qpid

0.17

References

CVE ID: 2012-2145 (see also: NVD)
Secunia Advisory ID: 50573 50698 50699
Vendor Specific News/Changelog Entry: https://issues.apache.org/jira/browse/QPID-4021
RedHat RHSA: RHSA-2012:1269 RHSA-2012:1277

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/85704