13 lines
704 B
Text
Executable file
13 lines
704 B
Text
Executable file
source: http://www.securityfocus.com/bid/39636/info
|
|
|
|
Apache ActiveMQ is prone to a vulnerability that lets attackers access source code because it fails to properly sanitize user-supplied input.
|
|
|
|
An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable computer in the context of the webserver process. Information obtained may aid in further attacks.
|
|
|
|
Apache ActiveMQ 5.3.1 and prior are vulnerable.
|
|
|
|
NOTE: This vulnerability may be related to BID 27117 (Jetty Double Slash URI Information Disclosure Vulnerability).
|
|
|
|
http://www.example.com:8161//admin/index.jsp
|
|
http://www.example.com:8161//admin/queues.jsp
|
|
http://www.example.com:8161//admin/topics.jsp
|