Showing 1 - 5 of 5

CVE-2019-18609

Status Candidate

Overview

An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTION_STATE_HEADER. A rogue server could return a malicious frame header that leads to a smaller target_size value than needed. This condition is then carried on to a memcpy function that copies too much data into a heap buffer.

Related Files

Red Hat Security Advisory 2020-4445-01: Posted Nov 4, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4445-01 - The librabbitmq packages provide an Advanced Message Queuing Protocol client library that allows you to communicate with AMQP servers using protocol version 0-9-1. Issues addressed include buffer overflow and integer overflow vulnerabilities.; tags | advisory, overflow, vulnerability, protocol; systems | linux, redhat; advisories | CVE-2019-18609; SHA-256 | bc933ecee1741f5f072b62556cfb87c99d79fa9bee70fd9511c9a5d6f24792de; Download | Favorite | View

Red Hat Security Advisory 2020-3949-01: Posted Sep 30, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-3949-01 - The librabbitmq packages provide an Advanced Message Queuing Protocol client library that allows you to communicate with AMQP servers using protocol version 0-9-1. Issues addressed include buffer overflow and integer overflow vulnerabilities.; tags | advisory, overflow, vulnerability, protocol; systems | linux, redhat; advisories | CVE-2019-18609; SHA-256 | 4cc62e232885ffe0b1e7b4266cc37f36c29f24286fac8c507fc79825896da6a9; Download | Favorite | View

Gentoo Linux Security Advisory 202003-07: Posted Mar 13, 2020; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202003-7 - A vulnerability in RabbitMQ C client might allow an attacker to execute arbitrary code. Versions less than 0.10.0 are affected.; tags | advisory, arbitrary; systems | linux, gentoo; advisories | CVE-2019-18609; SHA-256 | a455da35998a692660cfc4b3e71540e57cd14e0225324944613940267be54bde; Download | Favorite | View

Ubuntu Security Notice USN-4214-2: Posted Dec 12, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4214-2 - USN-4214-1 fixed a vulnerability in RabbitMQ. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that RabbitMQ incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.; tags | advisory, arbitrary; systems | linux, ubuntu; advisories | CVE-2019-18609; SHA-256 | 2112292b5a575a6773006ae499f13974f24b967062a1ffcc2995cd73cdf877e1; Download | Favorite | View

Ubuntu Security Notice USN-4214-1: Posted Dec 5, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4214-1 - It was discovered that RabbitMQ incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.; tags | advisory, arbitrary; systems | linux, ubuntu; advisories | CVE-2019-18609; SHA-256 | cb29788344365ab2b1d386d6b9f5b6cd6bd498dc04ad06ea17b75bca90e9cb4e; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 228 files
Ubuntu 89 files
Gentoo 31 files
Debian 22 files
tmrswrr 10 files
Sina Kheirkhah 7 files
bRpsd 4 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files
Google Security Research 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,079)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,380)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,289)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,663)
UNIX (9,426)
UnixWare (187)
Windows (6,666)
Other

CVE-2019-18609

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems