802 matches found
Moderate: Red Hat Security Advisory: Fuse MQ Enterprise 7.1.0 update
Fuse MQ Enterprise 7.1.0, which fixes one security issue, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, whi...
Apache ActiveMQ JSP Files Source Disclosure
This module exploits a source code disclosure in Apache ActiveMQ. The vulnerability is due to the Jetty's ResourceHandler handling of specially crafted URI's starting with //. It has been tested successfully on Apache ActiveMQ 5.3.1 over Windows 2003 SP2 and Ubuntu 10.04. This module requires...
Apache ActiveMQ Directory Traversal
This module exploits a directory traversal vulnerability in Apache ActiveMQ 5.3.1 and 5.3.2 on Windows systems. The vulnerability exists in the Jetty's ResourceHandler installed with the affected versions. This module has been tested successfully on ActiveMQ 5.3.1 and 5.3.2 over Windows 2003 SP2...
Apache ActiveMQ Source Code Disclosure
Source code disclosure vulnerability Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...
Apache ActiveMQ FD
Directory traversal vulnerability Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...
CVE-2011-4905
Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service file-descriptor exhaustion and broker crash or hang by sending many openwire failover:tcp:// connection requests...
CVE-2011-4905
Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service file-descriptor exhaustion and broker crash or hang by sending many openwire failover:tcp:// connection requests...
Code injection
Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service file-descriptor exhaustion and broker crash or hang by sending many openwire failover:tcp:// connection requests...
CVE-2011-4905
CVE-2011-4905 : Apache ActiveMQ is vulnerable to denial of service via the failover path. Specifically, ActiveMQ versions before 5.6.0 can exhaust file descriptors and trigger broker crashes or hangs when remote attackers send many openwire failover:tcp:// connection requests. Remediation in the ...
CVE-2011-4905
Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service file-descriptor exhaustion and broker crash or hang by sending many openwire failover:tcp:// connection requests...
EUVD-2022-3455
Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service file-descriptor exhaustion and broker crash or hang by sending many openwire failover:tcp:// connection requests...
Apache ActiveMQ故障转移机制远程拒绝服务漏洞
BUGTRAQ ID: 50904 Apache ActiveMQ是流行的消息传输和集成模式提供程序。 Apache ActiveMQ实现上存在漏洞,在处理openwire连接请求时,failover机制在实现上存在问题,可被利用触发异常并造成代理服务崩溃 0 Apache Group ActiveMQ 5.x 厂商补丁: Apache Group ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://httpd.apache.org/...
Apache ActiveMQ XSS Vulnerability
Vulnerability Info: 26/04/2010 Issue Discovered 26/04/2010 Vendor Notified 27/04/2010 Vendor Conformed Class: Cross-Site Scripting Input validation Severity: Medium Overview: --------- Apache ActiveMQ is prone to cross-site scripting vulnerability. Technical Description: ---------------------- Th...
Apache ActiveMQ Cross Site Scripting
Vulnerability Info: 26/04/2010 Issue Discovered 26/04/2010 Vendor Notified 27/04/2010 Vendor Conformed Class: Cross-Site Scripting Input validation Severity: Medium Overview: --------- Apache ActiveMQ is prone to cross-site scripting vulnerability. Technical Description: ---------------------- Th...
Apache ActiveMQ version 5.3.x XSS Vulnerabilities
Exploit for php platform in category web applications ================================================= Apache ActiveMQ version 5.3.x XSS Vulnerabilities ================================================= Severity: Medium Overview: --------- Apache ActiveMQ is prone to cross-site scripting...
Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
Apache ActiveMQ is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Design/Logic Flaw
The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // slash slash initial substring in a URI for 1 admin/index.jsp, 2 admin/queues.jsp, or 3 admin/topics.jsp...
CVE-2010-1587
The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // slash slash initial substring in a URI for 1 admin/index.jsp, 2 admin/queues.jsp, or 3 admin/topics.jsp...
CVE-2010-1587
The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // slash slash initial substring in a URI for 1 admin/index.jsp, 2 admin/queues.jsp, or 3 admin/topics.jsp...
CVE-2010-1587
The CVE-2010-1587 issue affects Apache ActiveMQ with the Jetty ResourceHandler. It enables a remote attacker to disclose JSP source code by sending a URI beginning with // that targets (admin/index.jsp, admin/queues.jsp, or admin/topics.jsp). Affected products/versions are ActiveMQ 5.x before 5.3...