CVE-2013-0281 Information

Description

Pacemaker 1.1.10 when remote Cluster Information Base (CIB) configuration or resource management is enabled does not limit the duration of connections to the blocking sockets which allows remote attackers to cause a denial of service (connection blocking).

Reference

http://rhn.redhat.com/errata/RHSA-2013-1635.html https://bugzilla.redhat.com/show_bug.cgi?id=891922 https://github.com/ClusterLabs/pacemaker/commit/564f7cc2a51dcd2f28ab12a13394f31be5aa3c93