Vulnerabilities > CVE-2009-5006

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

apache

redhat

NVD

Published: 2010-10-18

Updated: 2010-10-19

Summary

The SessionAdapter::ExchangeHandlerImpl::checkAlternate function in broker/SessionAdapter.cpp in the C++ Broker component in Apache Qpid before 0.6, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote authenticated users to cause a denial of service (NULL pointer dereference, daemon crash, and cluster outage) by attempting to modify the alternate of an exchange.

Vulnerable Configurations

Part	Description	Count
Application	Apache Apache Qpid 0.5	1
OS	Redhat Redhat Enterprise MRG 1.2 Redhat Enterprise MRG 1.0.2 Redhat Enterprise MRG 1.1.2 Redhat Enterprise MRG 1.0.3 Redhat Enterprise MRG 1.0 Redhat Enterprise MRG 1.0.1 Redhat Enterprise MRG 1.1.1 Redhat Enterprise MRG 1.2.2	8

Redhat

advisories

rhsa
id RHSA-2010:0773
rhsa
id RHSA-2010:0774

rpms

PyYAML-0:3.08-5.el5
PyYAML-debuginfo-0:3.08-5.el5
classads-0:1.0.8-1.el5
classads-debuginfo-0:1.0.8-1.el5
classads-devel-0:1.0.8-1.el5
classads-static-0:1.0.8-1.el5
condor-0:7.4.4-0.16.el5
condor-debuginfo-0:7.4.4-0.16.el5
condor-ec2-enhanced-0:1.1-1.el5
condor-ec2-enhanced-hooks-0:1.1-1.el5
condor-job-hooks-0:1.4-5.el5
condor-kbdd-0:7.4.4-0.16.el5
condor-low-latency-0:1.1-0.2.el5
condor-qmf-0:7.4.4-0.16.el5
condor-vm-gahp-0:7.4.4-0.16.el5
condor-wallaby-base-db-0:1.4-5.el5
condor-wallaby-client-0:3.6-6.el5
condor-wallaby-tools-0:3.6-6.el5
cumin-0:0.1.4369-1.el5
libyaml-0:0.1.2-4.el5
libyaml-debuginfo-0:0.1.2-4.el5
libyaml-devel-0:0.1.2-4.el5
mrg-grid-docs-0:1.3-1.el5
mrg-release-0:1.3-2.el5
python-condorec2e-0:1.1-1.el5
python-condorutils-0:1.4-5.el5
python-psycopg2-0:2.0.14-2.el5
python-psycopg2-debuginfo-0:2.0.14-2.el5
python-psycopg2-doc-0:2.0.14-2.el5
python-qmf-0:0.7.946106-13.el5
python-qpid-0:0.7.946106-14.el5
python-saslwrapper-0:0.1.934605-2.el5
python-wallabyclient-0:3.6-6.el5
qmf-0:0.7.946106-17.el5
qmf-devel-0:0.7.946106-17.el5
qpid-cpp-client-0:0.7.946106-17.el5
qpid-cpp-client-devel-0:0.7.946106-17.el5
qpid-cpp-client-devel-docs-0:0.7.946106-17.el5
qpid-cpp-client-rdma-0:0.7.946106-17.el5
qpid-cpp-client-ssl-0:0.7.946106-17.el5
qpid-cpp-mrg-debuginfo-0:0.7.946106-17.el5
qpid-cpp-server-0:0.7.946106-17.el5
qpid-cpp-server-cluster-0:0.7.946106-17.el5
qpid-cpp-server-devel-0:0.7.946106-17.el5
qpid-cpp-server-rdma-0:0.7.946106-17.el5
qpid-cpp-server-ssl-0:0.7.946106-17.el5
qpid-cpp-server-store-0:0.7.946106-17.el5
qpid-cpp-server-xml-0:0.7.946106-17.el5
qpid-java-client-0:0.7.946106-11.el5
qpid-java-common-0:0.7.946106-11.el5
qpid-java-example-0:0.7.946106-11.el5
qpid-tests-0:0.7.946106-1.el5
qpid-tools-0:0.7.946106-11.el5
rh-qpid-cpp-tests-0:0.7.946106-17.el5
rhm-docs-0:0.7.946106-8.el5
ruby-qmf-0:0.7.946106-17.el5
ruby-qpid-0:0.7.946106-2.el5
ruby-rhubarb-0:0.2.7-1.el5
ruby-saslwrapper-0:0.1.934605-2.el5
ruby-spqr-0:0.3.2-1.el5
ruby-sqlite3-0:1.2.4-1.el5
ruby-sqlite3-debuginfo-0:1.2.4-1.el5
ruby-wallaby-0:0.9.18-2.el5
saslwrapper-0:0.1.934605-2.el5
saslwrapper-debuginfo-0:0.1.934605-2.el5
saslwrapper-devel-0:0.1.934605-2.el5
sesame-0:0.7.4297-2.el5
sesame-debuginfo-0:0.7.4297-2.el5
spqr-gen-0:0.3.2-1.el5
wallaby-0:0.9.18-2.el5
wallaby-utils-0:0.9.18-2.el5
classads-0:1.0.8-1.el4
classads-debuginfo-0:1.0.8-1.el4
classads-devel-0:1.0.8-1.el4
classads-static-0:1.0.8-1.el4
condor-0:7.4.4-0.16.el4
condor-debuginfo-0:7.4.4-0.16.el4
condor-job-hooks-0:1.4-5.el4
condor-kbdd-0:7.4.4-0.16.el4
condor-low-latency-0:1.1-0.2.el4
condor-qmf-0:7.4.4-0.16.el4
condor-wallaby-client-0:3.6-6.el4
mrg-grid-docs-0:1.3-1.el4
mrg-release-0:1.3-2.el4
python-condorutils-0:1.4-5.el4
python-qmf-0:0.7.946106-13.el4
python-qpid-0:0.7.946106-14.el4
qmf-0:0.7.946106-17.el4
qmf-devel-0:0.7.946106-17.el4
qpid-cpp-client-0:0.7.946106-17.el4
qpid-cpp-client-devel-0:0.7.946106-17.el4
qpid-cpp-client-devel-docs-0:0.7.946106-17.el4
qpid-cpp-client-ssl-0:0.7.946106-17.el4
qpid-cpp-mrg-debuginfo-0:0.7.946106-17.el4
qpid-cpp-server-0:0.7.946106-17.el4
qpid-cpp-server-devel-0:0.7.946106-17.el4
qpid-cpp-server-ssl-0:0.7.946106-17.el4
qpid-cpp-server-store-0:0.7.946106-17.el4
qpid-cpp-server-xml-0:0.7.946106-17.el4
qpid-java-client-0:0.7.946106-11.el4
qpid-java-common-0:0.7.946106-11.el4
qpid-java-example-0:0.7.946106-11.el4
qpid-tests-0:0.7.946106-1.el4
qpid-tools-0:0.7.946106-11.el4
rh-qpid-cpp-tests-0:0.7.946106-17.el4
rhm-docs-0:0.7.946106-8.el4
sesame-0:0.7.4297-3.el4
sesame-debuginfo-0:0.7.4297-3.el4

Vulnerabilities > CVE-2009-5006 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2009-5006"}]}

Summary

Vulnerable Configurations

Redhat

References

Vulnerabilities > CVE-2009-5006