Vulnerability-Lookup

CNVD-2018-03762

Vulnerability from cnvd - Published: 2018-02-28

Title

Apache Qpid拒绝服务漏洞（CNVD-2018-03762）

Description

Apache Qpid是美国阿帕奇（Apache）软件基金会开发的一款面向对象的消息中间件，它是一个AMQP（高级消息队列协议）的实现，可以和符合AMQP协议的系统进行通信，并提供了C++、Python、Java、C#等编程语言的客户端库。Qpid Broker-J是其中的一个使用Java编写的中间件消息代理组件。 Apache Qpid存在拒绝服务漏洞。攻击者可利用该漏洞造成拒绝服务（崩溃）。

Severity

中

Patch Name

Apache Qpid拒绝服务漏洞（CNVD-2018-03762）的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接: https://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1@%3Cusers.qpid.apache.org%3E

Reference

https://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1@%3Cusers.qpid.apache.org%3E

Impacted products

Name
Apache Qpid

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-1298"
    }
  },
  "description": "Apache Qpid\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u5f00\u53d1\u7684\u4e00\u6b3e\u9762\u5411\u5bf9\u8c61\u7684\u6d88\u606f\u4e2d\u95f4\u4ef6\uff0c\u5b83\u662f\u4e00\u4e2aAMQP\uff08\u9ad8\u7ea7\u6d88\u606f\u961f\u5217\u534f\u8bae\uff09\u7684\u5b9e\u73b0\uff0c\u53ef\u4ee5\u548c\u7b26\u5408AMQP\u534f\u8bae\u7684\u7cfb\u7edf\u8fdb\u884c\u901a\u4fe1\uff0c\u5e76\u63d0\u4f9b\u4e86C++\u3001Python\u3001Java\u3001C#\u7b49\u7f16\u7a0b\u8bed\u8a00\u7684\u5ba2\u6237\u7aef\u5e93\u3002Qpid Broker-J\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u4f7f\u7528Java\u7f16\u5199\u7684\u4e2d\u95f4\u4ef6\u6d88\u606f\u4ee3\u7406\u7ec4\u4ef6\u3002\r\n\r\nApache Qpid\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e \u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u5d29\u6e83\uff09\u3002",
  "discovererName": "unknwon",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5:\r\nhttps://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1@%3Cusers.qpid.apache.org%3E",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-03762",
  "openTime": "2018-02-28",
  "patchDescription": "Apache Qpid\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u5f00\u53d1\u7684\u4e00\u6b3e\u9762\u5411\u5bf9\u8c61\u7684\u6d88\u606f\u4e2d\u95f4\u4ef6\uff0c\u5b83\u662f\u4e00\u4e2aAMQP\uff08\u9ad8\u7ea7\u6d88\u606f\u961f\u5217\u534f\u8bae\uff09\u7684\u5b9e\u73b0\uff0c\u53ef\u4ee5\u548c\u7b26\u5408AMQP\u534f\u8bae\u7684\u7cfb\u7edf\u8fdb\u884c\u901a\u4fe1\uff0c\u5e76\u63d0\u4f9b\u4e86C++\u3001Python\u3001Java\u3001C#\u7b49\u7f16\u7a0b\u8bed\u8a00\u7684\u5ba2\u6237\u7aef\u5e93\u3002Qpid Broker-J\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u4f7f\u7528Java\u7f16\u5199\u7684\u4e2d\u95f4\u4ef6\u6d88\u606f\u4ee3\u7406\u7ec4\u4ef6\u3002\r\n\r\nApache Qpid\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e \u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u5d29\u6e83\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache Qpid\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2018-03762\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Apache Qpid"
  },
  "referenceLink": "https://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1@%3Cusers.qpid.apache.org%3E",
  "serverity": "\u4e2d",
  "submitTime": "2018-02-26",
  "title": "Apache Qpid\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2018-03762\uff09"
}

CVE-2018-1298 (GCVE-0-2018-1298)

Vulnerability from cvelistv5 – Published: 2018-02-09 14:00 – Updated: 2024-09-16 20:59

Summary

A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated attacker to crash the broker instance. AMQP 1.0 and HTTP connections are not affected. An authentication of incoming AMQP connections in Apache Qpid Broker-J is performed by special entities called "Authentication Providers". Each Authentication Provider can support several SASL mechanisms which are offered to the connecting clients as part of SASL negotiation process. The client chooses the most appropriate SASL mechanism for authentication. Authentication Providers of following types supports PLAIN SASL mechanism: Plain, PlainPasswordFile, SimpleLDAP, Base64MD5PasswordFile, MD5, SCRAM-SHA-256, SCRAM-SHA-1. XOAUTH2 SASL mechanism is supported by Authentication Providers of type OAuth2. If an AMQP port is configured with any of these Authentication Providers, the Broker may be vulnerable.

Severity ?

No CVSS data available.

CWE

Denial of Service Vulnerability

Assigner

apache

References

URL

Tags

https://lists.apache.org/thread.html/d9087e9e57c9…

mailing-listx_refsource_MLIST

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache Qpid Broker-J	Affected: 7.0.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:59:37.665Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[users] 20180208 [SECURITY][CVE-2018-1298] Apache Qpid Broker-J Denial of Service Vulnerability with PLAIN and XOAUTH2 SASL mechanisms",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1%40%3Cusers.qpid.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Qpid Broker-J",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "7.0.0"
            }
          ]
        }
      ],
      "datePublic": "2018-02-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated attacker to crash the broker instance. AMQP 1.0 and HTTP connections are not affected. An authentication of incoming AMQP connections in Apache Qpid Broker-J is performed by special entities called \"Authentication Providers\". Each Authentication Provider can support several SASL mechanisms which are offered to the connecting clients as part of SASL negotiation process. The client chooses the most appropriate SASL mechanism for authentication. Authentication Providers of following types supports PLAIN SASL mechanism: Plain, PlainPasswordFile, SimpleLDAP, Base64MD5PasswordFile, MD5, SCRAM-SHA-256, SCRAM-SHA-1. XOAUTH2 SASL mechanism is supported by Authentication Providers of type OAuth2. If an AMQP port is configured with any of these Authentication Providers, the Broker may be vulnerable."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service Vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-02-09T13:57:01",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "name": "[users] 20180208 [SECURITY][CVE-2018-1298] Apache Qpid Broker-J Denial of Service Vulnerability with PLAIN and XOAUTH2 SASL mechanisms",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1%40%3Cusers.qpid.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "DATE_PUBLIC": "2018-02-08T00:00:00",
          "ID": "CVE-2018-1298",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Qpid Broker-J",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.0.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated attacker to crash the broker instance. AMQP 1.0 and HTTP connections are not affected. An authentication of incoming AMQP connections in Apache Qpid Broker-J is performed by special entities called \"Authentication Providers\". Each Authentication Provider can support several SASL mechanisms which are offered to the connecting clients as part of SASL negotiation process. The client chooses the most appropriate SASL mechanism for authentication. Authentication Providers of following types supports PLAIN SASL mechanism: Plain, PlainPasswordFile, SimpleLDAP, Base64MD5PasswordFile, MD5, SCRAM-SHA-256, SCRAM-SHA-1. XOAUTH2 SASL mechanism is supported by Authentication Providers of type OAuth2. If an AMQP port is configured with any of these Authentication Providers, the Broker may be vulnerable."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service Vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[users] 20180208 [SECURITY][CVE-2018-1298] Apache Qpid Broker-J Denial of Service Vulnerability with PLAIN and XOAUTH2 SASL mechanisms",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/d9087e9e57c9b6376754e2b4ea8cd5e9ae6449ed17fc384640c9c9e1@%3Cusers.qpid.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2018-1298",
    "datePublished": "2018-02-09T14:00:00Z",
    "dateReserved": "2017-12-07T00:00:00",
    "dateUpdated": "2024-09-16T20:59:06.782Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-03762

CVE-2018-1298 (GCVE-0-2018-1298)

Tags

Sightings

Nomenclature