Vulnerabilities > CVE-2010-3083

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
apache
redhat
NVD
Published: 2010-10-12
Updated: 2021-07-15

Summary

sys/ssl/SslSocket.cpp in qpidd in Apache Qpid, as used in Red Hat Enterprise MRG before 1.2.2 and other products, when SSL is enabled, allows remote attackers to cause a denial of service (daemon outage) by connecting to the SSL port but not participating in an SSL handshake.

Vulnerable Configurations

Part Description Count
Application
Apache
2
OS
Redhat
7

Redhat

advisories
  • rhsa
    idRHSA-2010:0756
  • rhsa
    idRHSA-2010:0757
rpms
  • qmf-0:0.5.752581-42.el5
  • qmf-devel-0:0.5.752581-42.el5
  • qpidc-0:0.5.752581-42.el5
  • qpidc-debuginfo-0:0.5.752581-42.el5
  • qpidc-devel-0:0.5.752581-42.el5
  • qpidc-perftest-0:0.5.752581-42.el5
  • qpidc-rdma-0:0.5.752581-42.el5
  • qpidc-ssl-0:0.5.752581-42.el5
  • qpidd-0:0.5.752581-42.el5
  • qpidd-acl-0:0.5.752581-42.el5
  • qpidd-cluster-0:0.5.752581-42.el5
  • qpidd-devel-0:0.5.752581-42.el5
  • qpidd-rdma-0:0.5.752581-42.el5
  • qpidd-ssl-0:0.5.752581-42.el5
  • qpidd-xml-0:0.5.752581-42.el5
  • rhm-0:0.5.3206-36.el5
  • rhm-debuginfo-0:0.5.3206-36.el5
  • qmf-0:0.5.752581-42.el4
  • qmf-devel-0:0.5.752581-42.el4
  • qpidc-0:0.5.752581-42.el4
  • qpidc-debuginfo-0:0.5.752581-42.el4
  • qpidc-devel-0:0.5.752581-42.el4
  • qpidc-perftest-0:0.5.752581-42.el4
  • qpidc-ssl-0:0.5.752581-42.el4
  • qpidd-0:0.5.752581-42.el4
  • qpidd-acl-0:0.5.752581-42.el4
  • qpidd-devel-0:0.5.752581-42.el4
  • qpidd-ssl-0:0.5.752581-42.el4
  • qpidd-xml-0:0.5.752581-42.el4
  • rhm-0:0.5.3206-36.el4
  • rhm-debuginfo-0:0.5.3206-36.el4

References