CVE-2012-2145

Apache Qpid 0.17 and earlier does not properly restrict incoming client connections, which allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 91%
Affected Products (NVD)
VendorProductVersion
apacheqpid
𝑥
≤ 0.17
apacheqpid
0.6
apacheqpid
0.7
apacheqpid
0.8
apacheqpid
0.9
apacheqpid
0.10
apacheqpid
0.12
apacheqpid
0.14
apacheqpid
0.16
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
qpid-cpp
artful
ignored
bionic
dne
cosmic
dne
hardy
dne
lucid
dne
natty
dne
oneiric
dne
precise
ignored
quantal
ignored
raring
ignored
saucy
ignored
trusty
dne
utopic
ignored
vivid
ignored
wily
ignored
xenial
not-affected
yakkety
ignored
zesty
ignored
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
python-qpid
RHEL 6
0:0.14-11.el6_3
fixed
python-qpid-qmf
RHEL 6
0:0.14-14.el6_3
fixed
qpid-cpp-client
RHEL 6
0:0.14-22.el6_3
fixed
qpid-cpp-client-ssl
RHEL 6
0:0.14-22.el6_3
fixed
qpid-cpp-server
RHEL 6
0:0.14-22.el6_3
fixed
qpid-cpp-server-ssl
RHEL 6
0:0.14-22.el6_3
fixed
qpid-qmf
RHEL 6
0:0.14-14.el6_3
fixed
qpid-tools
RHEL 6
0:0.14-6.el6_3
fixed
ruby-qpid-qmf
RHEL 6
0:0.14-14.el6_3
fixed
Common Weakness Enumeration
References
http://rhn.redhat.com/errata/RHSA-2012-1269.html
http://rhn.redhat.com/errata/RHSA-2012-1277.html
http://secunia.com/advisories/50573
http://secunia.com/advisories/50698
http://secunia.com/advisories/50699
http://www.securityfocus.com/bid/55608
https://bugzilla.redhat.com/show_bug.cgi?id=817175
https://exchange.xforce.ibmcloud.com/vulnerabilities/78730
https://issues.apache.org/jira/browse/QPID-2616
https://issues.apache.org/jira/browse/QPID-4021
http://rhn.redhat.com/errata/RHSA-2012-1269.html
http://rhn.redhat.com/errata/RHSA-2012-1277.html
http://secunia.com/advisories/50573
http://secunia.com/advisories/50698
http://secunia.com/advisories/50699
http://www.securityfocus.com/bid/55608
https://bugzilla.redhat.com/show_bug.cgi?id=817175
https://exchange.xforce.ibmcloud.com/vulnerabilities/78730
https://issues.apache.org/jira/browse/QPID-2616
https://issues.apache.org/jira/browse/QPID-4021