Apache Qpid Two Denial of Service Vulnerabilities

by Carol~ Moderator - 3/7/13 2:42 PM

In Reply to: VULNERABILITIES / FIXES - March 07, 2013 by Carol~ Moderator

Release Date : 2013-03-07

Criticality level : Less critical
Impact : DoS
Where : From local network
Solution Status : Vendor Workaround

Software: Apache Qpid 0.x

Description:
Two vulnerabilities have been reported in Apache Qpid, which can be exploited by malicious users and malicious people to cause a DoS (Denial of Service).

1) An error when decoding AMQP types in certain messages can be exploited to exhaust memory resources and subsequently terminate the server process via a specially crafted client-properties map in a connection.start-ok message.

2) An integer overflow error in the "qpid::framing::Buffer::checkAvailable()" function (qpid/cpp/include/qpid/framing/Buffer.h) can be exploited to cause a buffer overflow.

Solution:
Fixed in the SVN repository.

Provided and/or discovered by:
Florian Weimer, Red Hat Product Security Team.

Original Advisory:
Apache Qpid:
https://issues.apache.org/jira/browse/QPID-4629

Red Hat:
https://bugzilla.redhat.com/show_bug.cgi?id=861234
https://bugzilla.redhat.com/show_bug.cgi?id=861241

http://secunia.com/advisories/52510/