LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

qpid: denial of service

Package(s):qpid CVE #(s):CVE-2012-2145
Created:September 20, 2012 Updated:September 26, 2012
Description:

From the Red Hat advisory:

It was discovered that the Qpid daemon (qpidd) did not allow the number of connections from clients to be restricted. A malicious client could use this flaw to open an excessive amount of connections, preventing other legitimate clients from establishing a connection to qpidd. (CVE-2012-2145)

Alerts:
Red Hat RHSA-2012:1269-01 2012-09-19
Red Hat RHSA-2012:1277-01 2012-09-19
CentOS CESA-2012:1269 2012-09-20
Oracle ELSA-2012-1269 2012-09-19
Scientific Linux SL-qpid-20120920 2012-09-20
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds