Apache Kafka 安全漏洞

Apache Kafka is an open source distributed streaming platform from the Apache USA Foundation. The platform is capable of fetching real-time data for building applications that react in real-time to changes in data streams. A security vulnerability exists in Apache Kafka that stems from a...

The vulnerability of the Apache ActiveMQ software platform, which allows a perpetrator to bypass the authentication process

The vulnerability of the LDAPLoginModule and the Java Authentication and Authorization Service components of the Apache ActiveMQ software platform is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to bypass the authentication process ...

UBUNTU-CVE-2015-6524

The LDAPLoginModule implementation in the Java Authentication and Authorization Service JAAS in Apache ActiveMQ 5.x before 5.10.1 allows wildcard operators in usernames, which allows remote attackers to obtain credentials via a brute force attack. NOTE: this identifier was SPLIT from CVE-2014-361...

OpenJDK: insecure subject principals set handling (JAAS, 8024306)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAAS. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the...