Denial of Service Vulnerability in Apache Qpid Used by Red Hat
CVE-2009-5005

Currently unrated

Key Information:

Vendor: Apache
Status: Qpid; Enterprise Mrg
Vendor: CVE Published:; 18 October 2010

Summary

The Cluster::deliveredEvent function in Apache Qpid can be exploited by remote attackers to trigger a denial of service, resulting in a daemon crash and potential cluster outages. This vulnerability arises from the handling of invalid AMQP data, allowing malicious entities to disrupt services and affect overall system availability.

References

https://rhn.redhat.com/errata/RHSA-2010-0774.html

vendor-advisoryx_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=642373

x_refsource_CONFIRM

http://www.vupen.com/english/advisories/2010/2684

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Oct 18, 2010
Vulnerability Reserved
Oct 12, 2010