Description
Apache Karaf before 4.0.10 enables a shutdown port on the loopback interface, which allows local users to cause a denial of service (shutdown) by sending a shutdown command to all listening high ports.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=1095974
http://www.securityfocus.com/bid/101872
http://karaf.apache.org/security/cve-2014-0219.txt
Related Vulnerabilities
CVE-2019-19466 Vulnerability in npm package sceditor
CVE-2023-23850 Vulnerability in maven package org.jenkins-ci.plugins:synopsys-coverity
CVE-2019-10753 Vulnerability in maven package com.diffplug.gradle.spotless:spotless-eclipse-groovy
CVE-2022-21144 Vulnerability in npm package libxmljs
CVE-2020-14326 Vulnerability in maven package org.jboss.resteasy:resteasy-core