123 matches found
Updated openafs packages fix security vulnerability
Due to incomplete initialization or clearing of reused memory, OpenAFS directory objects are likely to contain "dead" directory entry information. This extraneous information is not active - that is, it is logically invisible to the fileserver and client. However, the leaked information is...
activemq: Fileserver web application vulnerability allowing RCE
The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...
Apache ActiveMQ Fileserver Multi Methods Directory Traversal (CVE-2016-3088)
A directory traversal vulnerability exists in Apache ActiveMQ. The vulnerability is due to insufficient input validation in the destination header when processing a MOVE request or in the file upload functionality when processing a PUT request. A remote, unauthenticated attacker may exploit this...
DEBIAN-CVE-2016-3088
The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...
CVE-2016-3088
The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...
Cross site request forgery (csrf)
The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...
UBUNTU-CVE-2016-3088
The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...
CVE-2016-3088
CVE-2016-3088 affects Apache ActiveMQ 5.x prior to 5.14.0. The Fileserver web application vulnerable to remote code execution via an HTTP PUT followed by an HTTP MOVE request allows an attacker to upload and execute arbitrary files on the server. Connected PoC repositories describe Python-based a...
CVE-2016-3088
The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...
CVE-2016-3088
The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...
Apache ActiveMQ Fileserver Remote Code Execution Vulnerability
Apache ActiveMQ is the messaging and integration model provider . A remote code execution vulnerability exists in the Apache ActiveMQ Fileserver web program, which could allow a remote attacker to replace the web application with malicious code to execute remote code on an affected system...
CVE-2016-3088
The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request. Mitigation Users are advised to use other FTP and HTTP based file servers for transferring blob messages. Fileserver...
PT-2016-3434
Name of the Vulnerable Software and Affected Versions Apache ActiveMQ versions 5.x through 5.13.x Description The issue exists due to insufficient input validation in the Fileserver web application. It allows a remote attacker to upload and execute arbitrary files via an HTTP PUT request followed...
Apache ActiveMQ MOVE Method Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache ActiveMQ. Authentication may or may not be required to exploit this vulnerability, according to how the product has been configured. The specific flaw exists within the fileserver web servic...
Apache ActiveMQ Fileserver File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache ActiveMQ. Authentication may or may not be required to exploit this vulnerability, depending on how the product has been configured. The specific flaw exists within the "fileserver" web...
SUSE: Security Advisory for Samba (SUSE-SU-2014:0497-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apache ActiveMQ RestFilter Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache ActiveMQ. Authentication is not required to exploit this vulnerability. The specific flaw exists within ActiveMQ fileserver web application. By issuing specially crafted requests, an attacke...
Directory traversal
Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors...
CVE-2015-1830
Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors...
CVE-2015-1830
Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors...