795 matches found
CVE-2011-4905
Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service file-descriptor exhaustion and broker crash or hang by sending many openwire failover:tcp:// connection requests...
CVE-2011-4905
Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service file-descriptor exhaustion and broker crash or hang by sending many openwire failover:tcp:// connection requests...
EUVD-2022-3455
Apache ActiveMQ before 5.6.0 allows remote attackers to cause a denial of service file-descriptor exhaustion and broker crash or hang by sending many openwire failover:tcp:// connection requests...
CVE-2011-4905
CVE-2011-4905 : Apache ActiveMQ is vulnerable to denial of service via the failover path. Specifically, ActiveMQ versions before 5.6.0 can exhaust file descriptors and trigger broker crashes or hangs when remote attackers send many openwire failover:tcp:// connection requests. Remediation in the ...
Apache ActiveMQ故障转移机制远程拒绝服务漏洞
BUGTRAQ ID: 50904 Apache ActiveMQ是流行的消息传输和集成模式提供程序。 Apache ActiveMQ实现上存在漏洞,在处理openwire连接请求时,failover机制在实现上存在问题,可被利用触发异常并造成代理服务崩溃 0 Apache Group ActiveMQ 5.x 厂商补丁: Apache Group ------------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://httpd.apache.org/...
Apache ActiveMQ XSS Vulnerability
Vulnerability Info: 26/04/2010 Issue Discovered 26/04/2010 Vendor Notified 27/04/2010 Vendor Conformed Class: Cross-Site Scripting Input validation Severity: Medium Overview: --------- Apache ActiveMQ is prone to cross-site scripting vulnerability. Technical Description: ---------------------- Th...
Apache ActiveMQ Cross Site Scripting
Vulnerability Info: 26/04/2010 Issue Discovered 26/04/2010 Vendor Notified 27/04/2010 Vendor Conformed Class: Cross-Site Scripting Input validation Severity: Medium Overview: --------- Apache ActiveMQ is prone to cross-site scripting vulnerability. Technical Description: ---------------------- Th...
Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
Apache ActiveMQ is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Apache ActiveMQ version 5.3.x XSS Vulnerabilities
Exploit for php platform in category web applications ================================================= Apache ActiveMQ version 5.3.x XSS Vulnerabilities ================================================= Severity: Medium Overview: --------- Apache ActiveMQ is prone to cross-site scripting...
Design/Logic Flaw
The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // slash slash initial substring in a URI for 1 admin/index.jsp, 2 admin/queues.jsp, or 3 admin/topics.jsp...
CVE-2010-1587
The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // slash slash initial substring in a URI for 1 admin/index.jsp, 2 admin/queues.jsp, or 3 admin/topics.jsp...
CVE-2010-1587
The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote attackers to read JSP source code via a // slash slash initial substring in a URI for 1 admin/index.jsp, 2 admin/queues.jsp, or 3 admin/topics.jsp...
CVE-2010-1587
The CVE-2010-1587 issue affects Apache ActiveMQ with the Jetty ResourceHandler. It enables a remote attacker to disclose JSP source code by sending a URI beginning with // that targets (admin/index.jsp, admin/queues.jsp, or admin/topics.jsp). Affected products/versions are ActiveMQ 5.x before 5.3...
Apache ActiveMQ 5.3 - adminqueueBrowse Cross-Site Scripting
Apache ActiveMQ 5.3 - adminqueueBrowse Cross-Site Scripting source: https://www.securityfocus.com/bid/39771/info Apache ActiveMQ is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...
Apache ActiveMQ 5.3 - 'admin/queueBrowse' Cross-Site Scripting
source: https://www.securityfocus.com/bid/39771/info Apache ActiveMQ is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...
Apache ActiveMQ is prone to source code disclosure vulnerability.
Apache ActiveMQ Source Code Disclosure Vulnerability SecPod Technologies www.secpod.com Author Veerendra G.G SecPod ID: 1002 04/18/2010 Issue Discovered 04/20/2010 Vendor Notified 04/21/2010 Fix Available Class: Source code disclosure Severity: Medium Overview: --------- Apache ActiveMQ is prone ...
Apache ActiveMQ URL请求源码泄露漏洞
BUGTRAQ ID: 39636 Apache ActiveMQ是流行的消息传输和集成模式提供程序。 Apache ActiveMQ中存在输入验证错误,用户在提交给admin/index.jsp、admin/queues.jsp、admin /topics.jsp等管理页面的URL请求后附加“//”就可以读取JSP页面源码。 0 Apache Group ActiveMQ 5.3.1 临时解决方法: 1. 到$ACTIVEMQHOME/webapps目录下 2. 创建名为static的新目录 - mkdir static 3. 将index.html文件移动到该目录下 - mv...
Apache ActiveMQ Double Slash Request Source Code Disclosure
The version of Apache ActiveMQ hosted on the remote web server is affected by a source code disclosure vulnerability in the Jetty ResourceHandler when handling requests to a JSP file with additional leading slashes. A remote attacker can exploit this to disclose the source code of pages, which ma...
Apache ActiveMQ Source Code Disclosure
Apache ActiveMQ Source Code Disclosure Vulnerability SecPod Technologies www.secpod.com Author Veerendra G.G SecPod ID: 1002 04/18/2010 Issue Discovered 04/20/2010 Vendor Notified 04/21/2010 Fix Available Class: Source code disclosure Severity: Medium Overview: --------- Apache ActiveMQ is prone ...
Apache ActiveMQ Source Code Information Disclosure Vulnerability
Apache ActiveMQ is prone to source code information disclosure vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...