PlainSaslServer.java in Apache Qpid Java prior to 6.0.3, when the broker is configured to allow plaintext passwords, allows remote malicious users to cause a denial of service (broker termination) via a crafted authentication attempt, which triggers an uncaught exception.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache qpid broker-j |