CVE-2017-15699 – Interconnect: Denial of Service vulnerability in Red Hat JBoss AMQ Interconnect

https://notcve.org/view.php?id=CVE-2017-15699

A Denial of Service vulnerability was found in Apache Qpid Dispatch Router versions 0.7.0 and 0.8.0. To exploit this vulnerability, a remote user must be able to establish an AMQP connection to the Qpid Dispatch Router and send a specifically crafted AMQP frame which will cause it to segfault and shut down. Se ha descubierto una vulnerabilidad de denegación de servicio (DoS) en Apache Qpid Dispatch Router 0.7.0 y 0.8.0. Para explotar esta vulnerabilidad, un usuario remoto debe poder establecer una conexión AMQP a Qpid Dispatch Router y enviar un frame AMQP especialmente manipulado, lo que provocará un fallo de segmentación y el cierre. • http://www.securityfocus.com/bid/103067 https://issues.apache.org/jira/browse/DISPATCH-924 https://access.redhat.com/security/cve/CVE-2017-15699 https://bugzilla.redhat.com/show_bug.cgi?id=1512724 • CWE-20: Improper Input Validation •