CVE-2016-3088

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...

DEBIAN-CVE-2016-3088

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...

UBUNTU-CVE-2016-3088

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...

Cross site request forgery (csrf)

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...

CVE-2016-3088

CVE-2016-3088 affects Apache ActiveMQ 5.x prior to 5.14.0. The Fileserver web application vulnerable to remote code execution via an HTTP PUT followed by an HTTP MOVE request allows an attacker to upload and execute arbitrary files on the server. Connected PoC repositories describe Python-based a...

CVE-2016-3088

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...

CVE-2016-3088

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...

Apache ActiveMQ Fileserver Remote Code Execution Vulnerability

Apache ActiveMQ is the messaging and integration model provider . A remote code execution vulnerability exists in the Apache ActiveMQ Fileserver web program, which could allow a remote attacker to replace the web application with malicious code to execute remote code on an affected system...

CVE-2016-3088

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request. Mitigation Users are advised to use other FTP and HTTP based file servers for transferring blob messages. Fileserver...

PT-2016-3434

Name of the Vulnerable Software and Affected Versions Apache ActiveMQ versions 5.x through 5.13.x Description The issue exists due to insufficient input validation in the Fileserver web application. It allows a remote attacker to upload and execute arbitrary files via an HTTP PUT request followed...

Apache ActiveMQ MOVE Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache ActiveMQ. Authentication may or may not be required to exploit this vulnerability, according to how the product has been configured. The specific flaw exists within the fileserver web servic...

Apache ActiveMQ Fileserver File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache ActiveMQ. Authentication may or may not be required to exploit this vulnerability, depending on how the product has been configured. The specific flaw exists within the "fileserver" web...

SUSE: Security Advisory for Samba (SUSE-SU-2014:0497-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apache ActiveMQ RestFilter Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache ActiveMQ. Authentication is not required to exploit this vulnerability. The specific flaw exists within ActiveMQ fileserver web application. By issuing specially crafted requests, an attacke...

CVE-2015-1830

Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors...

Directory traversal

Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors...

CVE-2015-1830

Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors...

CVE-2015-1830

Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors...

Apache ActiveMQ 5.11.1/5.13.2 - Directory Traversal / Command Execution

I have recently been playing with Apache ActiveMQ, and came across a simple but interesting directory traversal flaw in the fileserver upload/download functionality. I have only been able to reproduce this on Windows, i.e. where "" is a path delimiter. An attacker could use this flaw to upload...

activemq: Fileserver web application vulnerability allowing RCE

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...