Lucene search
K

123 matches found

Mageia
Mageia
added 2017/02/02 7:17 p.m.27 views

Updated openafs packages fix security vulnerability

Due to incomplete initialization or clearing of reused memory, OpenAFS directory objects are likely to contain "dead" directory entry information. This extraneous information is not active - that is, it is logically invisible to the fileserver and client. However, the leaked information is...

5.3CVSS1.7AI score0.01685EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2016/10/06 4:18 p.m.7 views

activemq: Fileserver web application vulnerability allowing RCE

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...

9.8CVSS7.7AI score0.98518EPSS
Exploits19References6
Check Point Advisories
Check Point Advisories
added 2016/07/25 12:0 a.m.11 views

Apache ActiveMQ Fileserver Multi Methods Directory Traversal (CVE-2016-3088)

A directory traversal vulnerability exists in Apache ActiveMQ. The vulnerability is due to insufficient input validation in the destination header when processing a MOVE request or in the file upload functionality when processing a PUT request. A remote, unauthenticated attacker may exploit this...

7.5CVSS3.6AI score0.98518EPSS
Exploits19
OSV
OSV
added 2016/06/01 8:59 p.m.2 views

DEBIAN-CVE-2016-3088

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...

9.8CVSS7.7AI score0.98518EPSS
Exploits19References1
NVD
NVD
added 2016/06/01 8:59 p.m.30 views

CVE-2016-3088

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...

9.8CVSS9.1AI score0.98518EPSS
Exploits19References10
Prion
Prion
added 2016/06/01 8:59 p.m.32 views

Cross site request forgery (csrf)

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...

7.5CVSS7.9AI score0.98518EPSS
Exploits19References9Affected Software1
OSV
OSV
added 2016/06/01 8:59 p.m.2 views

UBUNTU-CVE-2016-3088

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...

9.8CVSS7.5AI score0.98518EPSS
Exploits19References4
CVE
CVE
added 2016/06/01 8:0 p.m.1153 views

CVE-2016-3088

CVE-2016-3088 affects Apache ActiveMQ 5.x prior to 5.14.0. The Fileserver web application vulnerable to remote code execution via an HTTP PUT followed by an HTTP MOVE request allows an attacker to upload and execute arbitrary files on the server. Connected PoC repositories describe Python-based a...

9.8CVSS9.7AI score0.98518EPSS
In wildExploits19References10Affected Software1
Cvelist
Cvelist
added 2016/06/01 8:0 p.m.36 views

CVE-2016-3088

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...

9.1AI score0.98518EPSS
Exploits19References9
Debian CVE
Debian CVE
added 2016/06/01 8:0 p.m.48 views

CVE-2016-3088

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request...

9.8CVSS9.1AI score0.98518EPSS
Exploits19
CNVD
CNVD
added 2016/05/25 12:0 a.m.2 views

Apache ActiveMQ Fileserver Remote Code Execution Vulnerability

Apache ActiveMQ is the messaging and integration model provider . A remote code execution vulnerability exists in the Apache ActiveMQ Fileserver web program, which could allow a remote attacker to replace the web application with malicious code to execute remote code on an affected system...

9.8CVSS9.1AI score0.98518EPSS
Exploits19References1
RedhatCVE
RedhatCVE
added 2016/05/24 5:18 p.m.68 views

CVE-2016-3088

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request. Mitigation Users are advised to use other FTP and HTTP based file servers for transferring blob messages. Fileserver...

9.8CVSS2.8AI score0.98518EPSS
Exploits19References2
Positive Technologies
Positive Technologies
added 2016/05/24 12:0 a.m.5 views

PT-2016-3434

Name of the Vulnerable Software and Affected Versions Apache ActiveMQ versions 5.x through 5.13.x Description The issue exists due to insufficient input validation in the Fileserver web application. It allows a remote attacker to upload and execute arbitrary files via an HTTP PUT request followed...

10CVSS7.6AI score0.98518EPSS
Exploits19References44
Zero Day Initiative
Zero Day Initiative
added 2016/05/24 12:0 a.m.163 views

Apache ActiveMQ MOVE Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache ActiveMQ. Authentication may or may not be required to exploit this vulnerability, according to how the product has been configured. The specific flaw exists within the fileserver web servic...

7.5CVSS2AI score0.98518EPSS
Exploits19References1
Zero Day Initiative
Zero Day Initiative
added 2016/05/24 12:0 a.m.160 views

Apache ActiveMQ Fileserver File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache ActiveMQ. Authentication may or may not be required to exploit this vulnerability, depending on how the product has been configured. The specific flaw exists within the "fileserver" web...

7.5CVSS3.3AI score0.98518EPSS
Exploits19References1
OpenVAS
OpenVAS
added 2015/10/13 12:0 a.m.34 views

SUSE: Security Advisory for Samba (SUSE-SU-2014:0497-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.7AI score0.10642EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2015/08/31 12:0 a.m.70 views

Apache ActiveMQ RestFilter Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache ActiveMQ. Authentication is not required to exploit this vulnerability. The specific flaw exists within ActiveMQ fileserver web application. By issuing specially crafted requests, an attacke...

7.5CVSS9.4AI score0.84408EPSS
Exploits7References1
Prion
Prion
added 2015/08/19 3:59 p.m.21 views

Directory traversal

Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors...

5CVSS7.1AI score0.84408EPSS
Exploits7References7Affected Software1
UbuntuCve
UbuntuCve
added 2015/08/19 3:59 p.m.26 views

CVE-2015-1830

Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors...

5CVSS7.2AI score0.84408EPSS
Exploits7References2
Cvelist
Cvelist
added 2015/08/19 3:0 p.m.28 views

CVE-2015-1830

Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors...

9.4AI score0.84408EPSS
Exploits7References7
Rows per page
Query Builder