CVE-2015-0223 – qpid-cpp: anonymous access to qpidd cannot be prevented
https://notcve.org/view.php?id=CVE-2015-0223
Unspecified vulnerability in Apache Qpid 0.30 and earlier allows remote attackers to bypass access restrictions on qpidd via unknown vectors, related to 0-10 connection handling. Vulnerabilidad no especificada en Apache Qpid 0.30 y anteriores permite a atacantes remotos evadir las restricciones de acceso sobre qpidd a través de vectores desconocidos, relacionado con el manejo de conexiones 0-10. It was discovered that the Qpid daemon (qpidd) did not restrict access to anonymous users when the ANONYMOUS mechanism was disallowed. • http://packetstormsecurity.com/files/130106/Apache-Qpid-0.30-Anonymous-Action-Prevention.html http://seclists.org/bugtraq/2015/Jan/122 http://www.securityfocus.com/bid/72319 https://access.redhat.com/errata/RHBA-2016:1500 https://access.redhat.com/security/cve/CVE-2015-0223 https://bugzilla.redhat.com/show_bug.cgi?id=1186308 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2015-0224 – qpid-cpp: AMQP 0-10 protocol sequence-set maximal range DoS (incomplete CVE-2015-0203 fix)
https://notcve.org/view.php?id=CVE-2015-0224
qpidd in Apache Qpid 0.30 and earlier allows remote attackers to cause a denial of service (daemon crash) via a crafted protocol sequence set. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0203. qpidd en Apache Qpid 0.30 y anteriores permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado del demonio) mediante un conjunto de secuencias de protocolo manipuladas. NOTA: Esta vulnerabilidad existe debido a una solución incompleta para CVE-2015-0203. A flaw was found in the way the Qpid daemon (qpidd) processed certain protocol sequences. An unauthenticated attacker able to send a specially crafted protocol sequence set that could use this flaw to crash qpidd. • http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178606.html http://mail-archives.apache.org/mod_mbox/www-announce/201501.mbox/%3C54C60497.5060504%40apache.org%3E http://packetstormsecurity.com/files/130105/Apache-Qpid-0.30-Crash.html http://rhn.redhat.com/errata/RHSA-2015-0660.html http://rhn.redhat.com/errata/RHSA-2015-0661.html http://rhn.redhat.com/errata/RHSA-2015-0662.html http://rhn.redhat.com/errata/RHSA-2015-0707.html http://www.securityfocus.com/arch • CWE-19: Data Processing Errors •
CVE-2015-0203 – qpid-cpp: 3 qpidd DoS issues in AMQP 0-10 protocol handling
https://notcve.org/view.php?id=CVE-2015-0203
The qpidd broker in Apache Qpid 0.30 and earlier allows remote authenticated users to cause a denial of service (daemon crash) via an AMQP message with (1) an invalid range in a sequence set, (2) content-bearing methods other than message-transfer, or (3) a session-gap control before a corresponding session-attach. El broker qpidd Apache Qpid 0.30 y anteriores permite que usuarios autenticados remotos provoquen una denegación de servicio (cierre inesperado del demonio) mediante un mensaje AMQP con (1) un rango inválido en un conjunto de secuencias, (2) métodos content-bearing distintos de message-transfer o (3) un control session-gap antes del session-attach correspondiente. A flaw was found in the way the Qpid daemon (qpidd) processed certain protocol sequences. An unauthenticated attacker able to send a specially crafted protocol sequence set could use this flaw to crash qpidd. • http://www.securityfocus.com/bid/72030 https://access.redhat.com/errata/RHBA-2016:1500 https://issues.apache.org/jira/browse/QPID-6310 https://packetstormsecurity.com/files/129941/Apache-Qpid-0.30-Denial-Of-Service.html https://access.redhat.com/security/cve/CVE-2015-0203 https://bugzilla.redhat.com/show_bug.cgi?id=1181721 • CWE-19: Data Processing Errors •
CVE-2014-3629
https://notcve.org/view.php?id=CVE-2014-3629
XML external entity (XXE) vulnerability in the XML Exchange module in Apache Qpid 0.30 allows remote attackers to cause outgoing HTTP connections via a crafted message. Vulnerabilidad de entidad externa XML (XXE) en el módulo XML Exchange en Apache Qpid 0.30 permite a atacantes remotos provocar conexiones HTTP salientes a través de un mensaje manipulado. • http://packetstormsecurity.com/files/129034/Apache-Qpid-0.30-Induced-HTTP-Requests.html http://secunia.com/advisories/62235 http://www.securityfocus.com/archive/1/533943/100/0/threaded http://www.securityfocus.com/bid/71004 https://exchange.xforce.ibmcloud.com/vulnerabilities/98575 • CWE-19: Data Processing Errors •