CVE-2016-9877 Ubuntu Security Notification for Rabbitmq-server Vulnerability (USN-3374-1)

It was discovered that RabbitMQ incorrectly handled MQTT (MQ Telemetry Transport) authentication.

A remote attacker could use this issue to authenticate successfully with an existing username by omitting the password.

Refer to Ubuntu advisory USN-3374-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3374-1: 16.04 (Xenial) on src (rabbitmq-server)

USN-3374-1: 14.04 (Kylin) on src (rabbitmq-server)