CVE-2012-4458
First published: Thu Sep 27 2012(Updated: )
It was discovered that the AMQP type decoder was exposed pre-authentication because it was possible to send arbitrary types in the client-properties map in a connection.start-ok message. This is used to send an array with elements which are all of width zero and thus consume no space on the wire, but need storage after decoding by the server. On some systems, a suitably chosen SIZE value triggers the OOM killer and terminates the server process permanently. Acknowledgements: This issue was discovered by Florian Weimer of the Red Hat Product Security Team.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apache Qpid | <=0.20 | |
| Apache Qpid | =0.5 | |
| Apache Qpid | =0.6 | |
| Apache Qpid | =0.7 | |
| Apache Qpid | =0.8 | |
| Apache Qpid | =0.9 | |
| Apache Qpid | =0.10 | |
| Apache Qpid | =0.11 | |
| Apache Qpid | =0.12 | |
| Apache Qpid | =0.13 | |
| Apache Qpid | =0.14 | |
| Apache Qpid | =0.15 | |
| Apache Qpid | =0.16 | |
| Apache Qpid | =0.17 | |
| Apache Qpid | =0.18 | |
| Apache Qpid | =0.19 | |
| redhat/qpid-cpp | <0.21 | 0.21 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://rhn.redhat.com/errata/RHSA-2013-0561.html
- http://rhn.redhat.com/errata/RHSA-2013-0562.html
- http://secunia.com/advisories/52516
- http://svn.apache.org/viewvc?view=revision&revision=1453031
- https://bugzilla.redhat.com/show_bug.cgi?id=861234
- https://issues.apache.org/jira/browse/QPID-4629
- https://issues.apache.org/jira/issues/?jql=fixVersion%20%3D%20%220.21%22%20AND%20project%20%3D%20QPID
- https://svn.apache.org/viewvc?view=revision&revision=1453031
- https://rhn.redhat.com/errata/RHSA-2013-0562.html
- https://rhn.redhat.com/errata/RHSA-2013-0561.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=918804
Frequently Asked Questions
What is the severity of CVE-2012-4458?
CVE-2012-4458 is classified as a medium severity vulnerability due to its potential impact on security by allowing arbitrary type manipulation.
How do I fix CVE-2012-4458?
To fix CVE-2012-4458, upgrade to Apache Qpid version 0.21 or later.
Which versions of Apache Qpid are affected by CVE-2012-4458?
CVE-2012-4458 affects Apache Qpid versions up to and including 0.20 as well as specific versions from 0.5 to 0.19.
What type of attack can CVE-2012-4458 facilitate?
CVE-2012-4458 can facilitate unauthorized data manipulation attacks by exploiting the AMQP type decoder before authentication.
Is there a specific vendor or distribution that provides a remedy for CVE-2012-4458?
Yes, Red Hat provides a remedial package version qpid-cpp 0.21 for addressing CVE-2012-4458.
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/last-modified-date
- agent/severity
- agent/remedy
- agent/weakness
- agent/author
- agent/event
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2012-4458
- agent/software-canonical-lookup
- agent/trending
- agent/tags
- agent/source
- vendor/apache
- canonical/apache qpid
- version/apache qpid/0.20
- version/apache qpid/0.5
- version/apache qpid/0.6
- version/apache qpid/0.7
- version/apache qpid/0.8
- version/apache qpid/0.9
- version/apache qpid/0.10
- version/apache qpid/0.11
- version/apache qpid/0.12
- version/apache qpid/0.13
- version/apache qpid/0.14
- version/apache qpid/0.15
- version/apache qpid/0.16
- version/apache qpid/0.17
- version/apache qpid/0.18
- version/apache qpid/0.19
- package-manager/redhat