Apache Qpid 0.17 and earlier does not properly restrict incoming client connections, which allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Qpid | Apache | * | 0.17 (including) |
| Qpid | Apache | 0.6 (including) | 0.6 (including) |
| Qpid | Apache | 0.7 (including) | 0.7 (including) |
| Qpid | Apache | 0.8 (including) | 0.8 (including) |
| Qpid | Apache | 0.9 (including) | 0.9 (including) |
| Qpid | Apache | 0.10 (including) | 0.10 (including) |
| Qpid | Apache | 0.12 (including) | 0.12 (including) |
| Qpid | Apache | 0.14 (including) | 0.14 (including) |
| Qpid | Apache | 0.16 (including) | 0.16 (including) |
| MRG for RHEL-5 v. 2 | RedHat | mrg-release-0:2.2.0-1.el5 | * |
| MRG for RHEL-5 v. 2 | RedHat | python-qpid-0:0.14-11.el5 | * |
| MRG for RHEL-5 v. 2 | RedHat | qpid-cpp-mrg-0:0.14-22.el5 | * |
| MRG for RHEL-5 v. 2 | RedHat | qpid-java-0:0.18-2.el5 | * |
| MRG for RHEL-5 v. 2 | RedHat | qpid-jca-0:0.18-2.el5 | * |
| MRG for RHEL-5 v. 2 | RedHat | qpid-qmf-0:0.14-14.el5 | * |
| MRG for RHEL-5 v. 2 | RedHat | qpid-tools-0:0.14-6.el5 | * |
| Red Hat Enterprise Linux 6 | RedHat | python-qpid-0:0.14-11.el6_3 | * |
| Red Hat Enterprise Linux 6 | RedHat | qpid-cpp-0:0.14-22.el6_3 | * |
| Red Hat Enterprise Linux 6 | RedHat | qpid-qmf-0:0.14-14.el6_3 | * |
| Red Hat Enterprise Linux 6 | RedHat | qpid-tools-0:0.14-6.el6_3 | * |
| Qpid-cpp | Ubuntu | artful | * |
| Qpid-cpp | Ubuntu | precise | * |
| Qpid-cpp | Ubuntu | quantal | * |
| Qpid-cpp | Ubuntu | raring | * |
| Qpid-cpp | Ubuntu | saucy | * |
| Qpid-cpp | Ubuntu | utopic | * |
| Qpid-cpp | Ubuntu | vivid | * |
| Qpid-cpp | Ubuntu | wily | * |
| Qpid-cpp | Ubuntu | yakkety | * |
| Qpid-cpp | Ubuntu | zesty | * |