[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-3761-1 rabbitmq-server -- rabbitmq-server

ID: oval:org.secpod.oval:def:602740Date: (C)2017-01-17   (M)2023-12-20
Class: PATCHFamily: unix




It was discovered that RabbitMQ, an implementation of the AMQP protocol, didn"t correctly validate MQTT connection authentication. This allowed anyone to login to an existing user account without having to provide a password.

Platform:
Debian 8.x
Product:
rabbitmq-server
Reference:
DSA-3761-1
CVE-2016-9877
CVE    1
CVE-2016-9877
CPE    2
cpe:/o:debian:debian_linux:8.x
cpe:/a:rabbitmq:rabbitmq-server

© SecPod Technologies