CVE-2015-0224
published 2017-10-30


Priority: P3 (42) high
CVSS 3.0: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS: 15.12% (96.3rd percentile)
qpidd in Apache Qpid 0.30 and earlier allows remote attackers to cause a denial of service (daemon crash) via a crafted protocol sequence set. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0203.

Affected (1 range)

Vendor   Product   Version range   Fixed in
apache   qpid      <= 0.30

Detection & IOCs (extracted from sources)

  • Trigger: an AMQP 0-10 sequence-set containing a single range expressing the maximum possible gap crashes qpidd (not merely an inverted range where start > end, but the maximal range value)
  • Exploitation does not require authentication; an unauthenticated remote attacker can deliver the crafted sequence-set to qpidd
  • Monitor qpidd for unexpected process exits or assertion failures triggered by AMQP 0-10 sequence-set parsing; the daemon aborts on an assertion rather than recovering gracefully
  • The fix for CVE-2015-0224 is in SVN revision 1654365; systems running qpid-cpp 0.30 or earlier without this patch applied are vulnerable
  • CVE-2015-0224 exists because the fix for CVE-2015-0203 was incomplete; the original advisory described the trigger as an inverted range (start > end), but the actual crash vector is a sequence-set with a single range expressing the maximum possible gap
  • qpid-cpp packages in Red Hat Enterprise Linux 6 base channels are deprecated and will not receive a fix; only MRG-Messaging product versions received patches

CVSS provenance

Source          CVSS version   Score   Severity   Vector
nvd             3.0            7.5     HIGH       CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd             2.0            5.0     MEDIUM     AV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat                  6.5     MEDIUM