
List:       oss-security
Subject:    Re: [oss-security] CVE Request for Apache ActiveMQ DoS
From:       Kurt Seifried <kseifried () redhat ! com>
Date:       2011-12-25 19:13:00
Message-ID: 4EF775BC.2010201 () redhat ! com

On 12/24/2011 05:37 PM, David Jorm wrote:
> A flaw in Apache ActiveMQ before 5.6.0 could allow a remote unauthenticated
> attacker to abuse the 'failover' feature, allowing them to trigger a denial of
> service against the broker service.  An attacker can issue multiple ActiveMQ
> openwire connection requests using the string 'failover:tcp://[IP]:61616', and
> due to the 'failure' mechanism, all TCP connections remain active even if a
> valid session is not created.  After a few thousand requests, a
> 'java.net.SocketException: Too many open files' exception is triggered, leading
> to a freeze or crash of the broker (and possibly connected systems as well).
>
> Upstream bug:
> https://issues.apache.org/jira/browse/AMQ-3294
>
> Secunia advisory:
> http://secunia.com/advisories/47112
>
> Patch commits:
> http://svn.apache.org/viewvc?view=revision&revision=1209700
> http://svn.apache.org/viewvc?view=revision&revision=1211844
>
Please use CVE-2011-4905 for this issue.

-- 

-Kurt Seifried / Red Hat Security Response Team
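The connection-exhaustion condition described in the quoted report (many idle openwire connections to port 61616 from one source, ending in "Too many open files") can be spotted on the broker host before the file-descriptor limit is hit. The following is an added defender-side check, not code from this thread or from the ActiveMQ project; the `ss -tn` sample, the broker log lines, the threshold and the host addresses are all constructed for illustration.

```python
import re
from collections import Counter

BROKER_PORT = 61616  # default ActiveMQ openwire port named in the report

# Constructed `ss -tn`-style snapshot (not a real capture). Columns:
# State Recv-Q Send-Q Local-Address:Port Peer-Address:Port
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port   Peer Address:Port
ESTAB  0      0      10.0.0.5:61616       192.0.2.10:50001
ESTAB  0      0      10.0.0.5:61616       192.0.2.10:50002
ESTAB  0      0      10.0.0.5:61616       192.0.2.10:50003
ESTAB  0      0      10.0.0.5:61616       198.51.100.7:40001
ESTAB  0      0      10.0.0.5:8161        192.0.2.10:50010
"""

# Constructed broker log excerpt (not a real log).
SAMPLE_LOG = [
    "2011-12-24 17:30:01 INFO  TransportConnector started: openwire",
    "2011-12-24 17:35:12 WARN  Transport Connection failed: "
    "java.net.SocketException: Too many open files",
    "2011-12-24 17:35:13 INFO  Connection closed",
]

FD_EXHAUSTION = re.compile(r"java\.net\.SocketException: Too many open files")


def connections_per_peer(ss_output, local_port=BROKER_PORT):
    """Count ESTAB TCP connections to the broker port, keyed by peer IP."""
    counts = Counter()
    for line in ss_output.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 5 or fields[0] != "ESTAB":
            continue
        local, peer = fields[3], fields[4]
        # rsplit keeps bracketed IPv6 literals such as [::1]:61616 intact
        if local.rsplit(":", 1)[1] != str(local_port):
            continue
        counts[peer.rsplit(":", 1)[0]] += 1
    return counts


def suspicious_peers(counts, threshold):
    """Peers holding at least `threshold` broker connections at once."""
    return sorted(ip for ip, n in counts.items() if n >= threshold)


def fd_exhaustion_events(log_lines):
    """Broker log lines showing the descriptor limit has already been hit."""
    return [line for line in log_lines if FD_EXHAUSTION.search(line)]
```

On a live host, feed the output of `ss -tn` (or `netstat -tn`) into `connections_per_peer` and compare the descriptor count in `/proc/<broker-pid>/fd` against the broker's `ulimit -n`; a peer well above the normal client count is the signal to rate-limit or block before the exception in `fd_exhaustion_events` appears.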
