6 matches found
Apache ActiveMQ JSP Files Source Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache ActiveMQ JSP Files Source Disclosure', 'Description' = %q This module exploits a source code disclosure in Apache ActiveMQ. The...
org.apache.activemq:apache-activemq (>=5.0.0 <=5.19.7), org.apache.axis2:axis2-integration (=1.4) +4 more potentially affected by CVE-2010-1587 via org.apache.activemq:activemq-web-console (>=5.0.0 <=5.3.0)
org.apache.activemq:activemq-web-console MAVEN version =5.0.0, =5.0.0, =5.19.7 - org.apache.axis2:axis2-integration =1.4 - org.apache.camel:camel-example-cxf =1.3.0 - org.apache.camel:camel-example-jms-file =1.3.0 - org.apache.camel:camel-example-spring-xquery =1.3.0 -...
Security Bulletin: Security vulnerabilities in ActiveMQ 5.2.0 affect IBM Sterling B2B Integrator (CVE-2015-1830, CVE-2014-8110, CVE-2013-3060, CVE-2013-1880, CVE-2013-1879, CVE-2012-6551, CVE-2012-6092, CVE-2010-1587, CVE-2010-1244, CVE-2010-0684)
Summary Multiple directory traversal, cross-site scripting, denial of service and cross-site request forgery security vulnerabilities in ActiveMQ 5.2.0. IBM Sterling B2B Integrator has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-1830 DESCRIPTION: Apache ActiveMQ could all...
Apache ActiveMQ JSP Files Source Disclosure
This module exploits a source code disclosure in Apache ActiveMQ. The vulnerability is due to the Jetty's ResourceHandler handling of specially crafted URI's starting with //. It has been tested successfully on Apache ActiveMQ 5.3.1 over Windows 2003 SP2 and Ubuntu 10.04. This module requires...
CVE-2010-1587
The CVE-2010-1587 issue affects Apache ActiveMQ with the Jetty ResourceHandler. It enables a remote attacker to disclose JSP source code by sending a URI beginning with // that targets (admin/index.jsp, admin/queues.jsp, or admin/topics.jsp). Affected products/versions are ActiveMQ 5.x before 5.3...
CVE-2010-1587
creationtimestamp| type| source ---|---|--- 2010-04-22 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33868 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/apacheactivemqsourcedisclosure.rb 2018-05-29...