Showing 1 - 5 of 5

CVE-2019-18609

Status Candidate

Overview

An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTION_STATE_HEADER. A rogue server could return a malicious frame header that leads to a smaller target_size value than needed. This condition is then carried on to a memcpy function that copies too much data into a heap buffer.

Related Files

Red Hat Security Advisory 2020-4445-01: Posted Nov 4, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4445-01 - The librabbitmq packages provide an Advanced Message Queuing Protocol client library that allows you to communicate with AMQP servers using protocol version 0-9-1. Issues addressed include buffer overflow and integer overflow vulnerabilities.; tags | advisory, overflow, vulnerability, protocol; systems | linux, redhat; advisories | CVE-2019-18609; SHA-256 | bc933ecee1741f5f072b62556cfb87c99d79fa9bee70fd9511c9a5d6f24792de; Download | Favorite | View

Red Hat Security Advisory 2020-3949-01: Posted Sep 30, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-3949-01 - The librabbitmq packages provide an Advanced Message Queuing Protocol client library that allows you to communicate with AMQP servers using protocol version 0-9-1. Issues addressed include buffer overflow and integer overflow vulnerabilities.; tags | advisory, overflow, vulnerability, protocol; systems | linux, redhat; advisories | CVE-2019-18609; SHA-256 | 4cc62e232885ffe0b1e7b4266cc37f36c29f24286fac8c507fc79825896da6a9; Download | Favorite | View

Gentoo Linux Security Advisory 202003-07: Posted Mar 13, 2020; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202003-7 - A vulnerability in RabbitMQ C client might allow an attacker to execute arbitrary code. Versions less than 0.10.0 are affected.; tags | advisory, arbitrary; systems | linux, gentoo; advisories | CVE-2019-18609; SHA-256 | a455da35998a692660cfc4b3e71540e57cd14e0225324944613940267be54bde; Download | Favorite | View

Ubuntu Security Notice USN-4214-2: Posted Dec 12, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4214-2 - USN-4214-1 fixed a vulnerability in RabbitMQ. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that RabbitMQ incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.; tags | advisory, arbitrary; systems | linux, ubuntu; advisories | CVE-2019-18609; SHA-256 | 2112292b5a575a6773006ae499f13974f24b967062a1ffcc2995cd73cdf877e1; Download | Favorite | View

Ubuntu Security Notice USN-4214-1: Posted Dec 5, 2019; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4214-1 - It was discovered that RabbitMQ incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.; tags | advisory, arbitrary; systems | linux, ubuntu; advisories | CVE-2019-18609; SHA-256 | cb29788344365ab2b1d386d6b9f5b6cd6bd498dc04ad06ea17b75bca90e9cb4e; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 234 files
indoushka 93 files
Ubuntu 87 files
Gentoo 36 files
Jasper Nota 25 files
Debian 21 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Apple 9 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,099)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,756)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,521)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,747)
UNIX (9,436)
UnixWare (187)
Windows (6,674)
Other

CVE-2019-18609

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems