Bug 640006 (CVE-2010-3701) - CVE-2010-3701 MRG: remote authenticated DoS in broker
Summary: CVE-2010-3701 MRG: remote authenticated DoS in broker
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2010-3701
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 634014
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-10-04 14:30 UTC by Vincent Danen
Modified: 2019-09-29 12:39 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-05-09 14:48:35 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2010:0756 0 normal SHIPPED_LIVE Moderate: Red Hat Enterprise MRG Messaging security and bug fix update 1.2.2 2010-10-08 01:49:47 UTC
Red Hat Product Errata RHSA-2010:0757 0 normal SHIPPED_LIVE Moderate: Red Hat Enterprise MRG Messaging security and bug fix update 1.2.2 2010-10-08 01:55:55 UTC

Description Vincent Danen 2010-10-04 14:30:27 UTC 
A flaw was discovered in how the MRG broker handled the receipt of large persistent messages.  If a remote authenticated user were to send a very large persistent message, the broker could exhaust stack memory, resulting in a segfault of the broker.  Subsequent connections to the broker would fail until it was restarted.
Comment 4 Vincent Danen 2010-10-08 01:44:28 UTC 
Further details of this flaw can be found in bug #634014.
Comment 5 errata-xmlrpc 2010-10-08 01:49:55 UTC 
This issue has been addressed in following products:

  MRG for RHEL-5

Via RHSA-2010:0756 https://rhn.redhat.com/errata/RHSA-2010-0756.html
Comment 6 errata-xmlrpc 2010-10-08 01:56:03 UTC 
This issue has been addressed in following products:

  Messaging for MRG on RHEL-4
  Messaging Base for MRG on RHEL-4

Via RHSA-2010:0757 https://rhn.redhat.com/errata/RHSA-2010-0757.html
Note You need to log in before you can comment on or make changes to this bug.