CVE-2012-2145

Currently unrated

Key Information:

Vendor: Apache
Status: Qpid
Vendor: CVE Published:; 28 September 2012

Summary

Apache Qpid 0.17 and earlier does not properly restrict incoming client connections, which allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.

References

https://issues.apache.org/jira/browse/QPID-4021

x_refsource_MISC

http://rhn.redhat.com/errata/RHSA-2012-1277.html

vendor-advisoryx_refsource_REDHAT

http://rhn.redhat.com/errata/RHSA-2012-1269.html

vendor-advisoryx_refsource_REDHAT

Timeline

Vulnerability published
Sep 28, 2012
Vulnerability Reserved
Apr 4, 2012