Lucene search
K

802 matches found

RedHat Linux
RedHat Linux
added 2012/12/21 3:12 a.m.43 views

Moderate: Red Hat Security Advisory: Fuse MQ Enterprise 7.1.0 update

Fuse MQ Enterprise 7.1.0, which fixes one security issue, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, whi...

5.3CVSS6.3AI score0.05044EPSS
Exploits1References4
Metasploit
Metasploit
added 2012/10/14 8:36 p.m.66 views

Apache ActiveMQ JSP Files Source Disclosure

This module exploits a source code disclosure in Apache ActiveMQ. The vulnerability is due to the Jetty's ResourceHandler handling of specially crafted URI's starting with //. It has been tested successfully on Apache ActiveMQ 5.3.1 over Windows 2003 SP2 and Ubuntu 10.04. This module requires...

5CVSS0.1AI score0.78018EPSS
Exploits6
Metasploit
Metasploit
added 2012/10/14 8:30 p.m.33 views

Apache ActiveMQ Directory Traversal

This module exploits a directory traversal vulnerability in Apache ActiveMQ 5.3.1 and 5.3.2 on Windows systems. The vulnerability exists in the Jetty's ResourceHandler installed with the affected versions. This module has been tested successfully on ActiveMQ 5.3.1 and 5.3.2 over Windows 2003 SP2...

7.3AI score
Exploits0
Dsquare
Dsquare
added 2012/03/18 12:0 a.m.52 views

Apache ActiveMQ Source Code Disclosure

Source code disclosure vulnerability Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

5CVSS0.78018EPSS
Exploits6References3
Dsquare
Dsquare
added 2012/01/26 12:0 a.m.70 views

Apache ActiveMQ FD

Directory traversal vulnerability Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

0.9AI score
Exploits0
OSV
OSV
added 2012/01/05 4:55 p.m.12 views

CVE-2011-4905

Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service file-descriptor exhaustion and broker crash or hang by sending many openwire failover:tcp:// connection requests...

6.5AI score
Exploits0References7
UbuntuCve
UbuntuCve
added 2012/01/05 4:55 p.m.21 views

CVE-2011-4905

Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service file-descriptor exhaustion and broker crash or hang by sending many openwire failover:tcp:// connection requests...

5CVSS6.9AI score0.08984EPSS
Exploits1References2
Prion
Prion
added 2012/01/05 4:55 p.m.23 views

Code injection

Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service file-descriptor exhaustion and broker crash or hang by sending many openwire failover:tcp:// connection requests...

5CVSS9.1AI score0.08984EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2012/01/05 4:0 p.m.123 views

CVE-2011-4905

CVE-2011-4905 : Apache ActiveMQ is vulnerable to denial of service via the failover path. Specifically, ActiveMQ versions before 5.6.0 can exhaust file descriptors and trigger broker crashes or hangs when remote attackers send many openwire failover:tcp:// connection requests. Remediation in the ...

5CVSS8.1AI score0.08984EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2012/01/05 4:0 p.m.30 views

CVE-2011-4905

Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service file-descriptor exhaustion and broker crash or hang by sending many openwire failover:tcp:// connection requests...

8.3AI score0.08984EPSS
Exploits1References7
EUVD
EUVD
added 2012/01/05 4:0 p.m.4 views

EUVD-2022-3455

Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service file-descriptor exhaustion and broker crash or hang by sending many openwire failover:tcp:// connection requests...

5CVSS7.5AI score0.08984EPSS
Exploits1References13
seebug.org
seebug.org
added 2011/12/07 12:0 a.m.17 views

Apache ActiveMQ故障转移机制远程拒绝服务漏洞

BUGTRAQ ID: 50904 Apache ActiveMQ是流行的消息传输和集成模式提供程序。 Apache ActiveMQ实现上存在漏洞,在处理openwire连接请求时,failover机制在实现上存在问题,可被利用触发异常并造成代理服务崩溃 0 Apache Group ActiveMQ 5.x 厂商补丁: Apache Group ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://httpd.apache.org/...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2010/04/30 12:0 a.m.51 views

Apache ActiveMQ XSS Vulnerability

Vulnerability Info: 26/04/2010 Issue Discovered 26/04/2010 Vendor Notified 27/04/2010 Vendor Conformed Class: Cross-Site Scripting Input validation Severity: Medium Overview: --------- Apache ActiveMQ is prone to cross-site scripting vulnerability. Technical Description: ---------------------- Th...

1.3AI score
Exploits0
Packet Storm
Packet Storm
added 2010/04/30 12:0 a.m.21 views

Apache ActiveMQ Cross Site Scripting

Vulnerability Info: 26/04/2010 Issue Discovered 26/04/2010 Vendor Notified 27/04/2010 Vendor Conformed Class: Cross-Site Scripting Input validation Severity: Medium Overview: --------- Apache ActiveMQ is prone to cross-site scripting vulnerability. Technical Description: ---------------------- Th...

7.4AI score
Exploits0
0day.today
0day.today
added 2010/04/30 12:0 a.m.21 views

Apache ActiveMQ version 5.3.x XSS Vulnerabilities

Exploit for php platform in category web applications ================================================= Apache ActiveMQ version 5.3.x XSS Vulnerabilities ================================================= Severity: Medium Overview: --------- Apache ActiveMQ is prone to cross-site scripting...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2010/04/30 12:0 a.m.13 views

Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability

Apache ActiveMQ is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

6.6AI score
Exploits0References2
Prion
Prion
added 2010/04/28 10:30 p.m.18 views

Design/Logic Flaw

The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // slash slash initial substring in a URI for 1 admin/index.jsp, 2 admin/queues.jsp, or 3 admin/topics.jsp...

5CVSS7.3AI score0.78018EPSS
Exploits6References7Affected Software1
NVD
NVD
added 2010/04/28 10:30 p.m.42 views

CVE-2010-1587

The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // slash slash initial substring in a URI for 1 admin/index.jsp, 2 admin/queues.jsp, or 3 admin/topics.jsp...

5CVSS6.7AI score0.78018EPSS
Exploits6References7
Cvelist
Cvelist
added 2010/04/28 10:0 p.m.45 views

CVE-2010-1587

The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // slash slash initial substring in a URI for 1 admin/index.jsp, 2 admin/queues.jsp, or 3 admin/topics.jsp...

6.6AI score0.78018EPSS
Exploits6References7
CVE
CVE
added 2010/04/28 10:0 p.m.98 views

CVE-2010-1587

The CVE-2010-1587 issue affects Apache ActiveMQ with the Jetty ResourceHandler. It enables a remote attacker to disclose JSP source code by sending a URI beginning with // that targets (admin/index.jsp, admin/queues.jsp, or admin/topics.jsp). Affected products/versions are ActiveMQ 5.x before 5.3...

5CVSS6.8AI score0.78018EPSS
Exploits6References7Affected Software1
Rows per page
Query Builder