|
|
Subscribe / Log in / New account

zeromq3: security bypass

Package(s):zeromq3 CVE #(s):CVE-2014-9721
Created:May 11, 2015 Updated:June 11, 2015
Description: From the Debian advisory:

It was discovered that libzmq, a lightweight messaging kernel, is susceptible to a protocol downgrade attack on sockets using the ZMTP v3 protocol. This could allow remote attackers to bypass ZMTP v3 security mechanisms by sending ZMTP v2 or earlier headers.

Alerts:
Debian DSA-3255-1 zeromq3 2015-05-10
Fedora FEDORA-2015-8635 zeromq 2015-05-30
openSUSE openSUSE-SU-2015:1028-1 zeromq 2015-06-10
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds