CVE-2018-8030
https://notcve.org/view.php?id=CVE-2018-8030
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit (100MB by default). The broker crashes due to the defect. AMQP protocols 0-10 and 1.0 are not affected. Se ha encontrado una vulnerabilidad de denegación de servicio (DoS) en Apache Qpid Broker-J desde la versión 7.0.0 hasta la 7.0.4 cuando los protocolos AMQP 0-8, 0-9 o 0-91 se emplean para publicar mensajes con un tamaño mayor que el límite de tamaño de mensaje máximo permitido (100 MB por defecto). El broker se cierre inesperadamente debido a este defecto. • http://www.securitytracker.com/id/1041138 https://lists.apache.org/thread.html/1089a4f351a1bdca0618199e53bceeec59a10bf4e3008018d6949876%40%3Cusers.qpid.apache.org%3E • CWE-20: Improper Input Validation •
CVE-2017-15699 – Interconnect: Denial of Service vulnerability in Red Hat JBoss AMQ Interconnect
https://notcve.org/view.php?id=CVE-2017-15699
A Denial of Service vulnerability was found in Apache Qpid Dispatch Router versions 0.7.0 and 0.8.0. To exploit this vulnerability, a remote user must be able to establish an AMQP connection to the Qpid Dispatch Router and send a specifically crafted AMQP frame which will cause it to segfault and shut down. Se ha descubierto una vulnerabilidad de denegación de servicio (DoS) en Apache Qpid Dispatch Router 0.7.0 y 0.8.0. Para explotar esta vulnerabilidad, un usuario remoto debe poder establecer una conexión AMQP a Qpid Dispatch Router y enviar un frame AMQP especialmente manipulado, lo que provocará un fallo de segmentación y el cierre. • http://www.securityfocus.com/bid/103067 https://issues.apache.org/jira/browse/DISPATCH-924 https://access.redhat.com/security/cve/CVE-2017-15699 https://bugzilla.redhat.com/show_bug.cgi?id=1512724 • CWE-20: Improper Input Validation •
CVE-2018-1298
https://notcve.org/view.php?id=CVE-2018-1298
A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated attacker to crash the broker instance. AMQP 1.0 and HTTP connections are not affected. An authentication of incoming AMQP connections in Apache Qpid Broker-J is performed by special entities called "Authentication Providers". Each Authentication Provider can support several SASL mechanisms which are offered to the connecting clients as part of SASL negotiation process. • https://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1%40%3Cusers.qpid.apache.org%3E • CWE-20: Improper Input Validation •
CVE-2017-15702
https://notcve.org/view.php?id=CVE-2017-15702
In Apache Qpid Broker-J 0.18 through 0.32, if the broker is configured with different authentication providers on different ports one of which is an HTTP port, then the broker can be tricked by a remote unauthenticated attacker connecting to the HTTP port into using an authentication provider that was configured on a different port. The attacker still needs valid credentials with the authentication provider on the spoofed port. This becomes an issue when the spoofed port has weaker authentication protection (e.g., anonymous access, default accounts) and is normally protected by firewall rules or similar which can be circumvented by this vulnerability. AMQP ports are not affected. Versions 6.0.0 and newer are not affected. • http://www.securityfocus.com/bid/102040 https://issues.apache.org/jira/browse/QPID-8039 https://lists.apache.org/thread.html/59d241e30db23b8b0af26bb273f789aa1f08515d3dc1a3868d3ba090%40%3Cdev.qpid.apache.org%3E https://qpid.apache.org/cves/CVE-2017-15702.html •
CVE-2017-15701
https://notcve.org/view.php?id=CVE-2017-15701
In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate. Older AMQP protocols are not affected. En Apache Qpid Broker-J versiones 6.1.0 hasta 6.1.4 (inclusive), el broker no impone apropiadamente un tamaño máximo de trama en tramas AMQP versión 1.0. Un atacante remoto no autenticado podría explotar esto para hacer que el broker agote toda la memoria disponible y finalmente termine. • http://www.securityfocus.com/bid/102041 https://issues.apache.org/jira/browse/QPID-7947 https://lists.apache.org/thread.html/4054e1c90993f337eeea24a312841c0661653e673c0ff8e2cd9520fe%40%3Cdev.qpid.apache.org%3E https://qpid.apache.org/cves/CVE-2017-15701.html • CWE-400: Uncontrolled Resource Consumption •