Download
| Alert*
oval:org.secpod.oval:def:117170
Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low powe ... oval:org.secpod.oval:def:117171 Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low powe ... oval:org.secpod.oval:def:1801636 In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more "/" characters, i.e. the topic hierarchy separator, then a stack overflow will occur. oval:org.secpod.oval:def:705183 mosquitto: MQTT version 3.1/3.1.1 compatible message broker Mosquitto could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:604609 A vulnerability was discovered in mosquitto, a MQTT version 3.1/3.1.1 compatible message broker, allowing a malicious MQTT client to cause a denial of service , by sending a specially crafted SUBSCRIBE packet containing a topic with a extremely deep hierarchy. oval:org.secpod.oval:def:69786 A vulnerability was discovered in mosquitto, a MQTT version 3.1/3.1.1 compatible message broker, allowing a malicious MQTT client to cause a denial of service , by sending a specially crafted SUBSCRIBE packet containing a topic with a extremely deep hierarchy. |