CVE-2018-11775 – activemq: ActiveMQ Client Missing TLS Hostname Verification
https://notcve.org/view.php?id=CVE-2018-11775
TLS hostname verification when using the Apache ActiveMQ Client before 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by default. Falta la verificación de nombres de host TLS al emplear Apache ActiveMQ Client en versiones anteriores a la 5.15.6, lo que podría hacer que el cliente sea vulnerable a un ataque Man-in-the-Middle (MitM) entre una aplicación Java que emplea el cliente ActiveMQ y el servidor ActiveMQ. Ahora está habilitado por defecto. • http://activemq.apache.org/security-advisories.data/CVE-2018-11775-announcement.txt http://www.securityfocus.com/bid/105335 http://www.securitytracker.com/id/1041618 https://access.redhat.com/errata/RHSA-2019:3892 https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1%40%3Cdev.activemq.apache.org%3E https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc%40%3Ccommits.activemq.apache.org%3E https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef2 • CWE-295: Improper Certificate Validation •
CVE-2017-15709
https://notcve.org/view.php?id=CVE-2017-15709
When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 it was found that certain system details (such as the OS and kernel version) are exposed as plain text. Al utilizar el protocolo OpenWire en ActiveMQ, versiones 5.14.0 a 5.15.2, se ha descubierto que ciertos detalles del sistema (como el sistema operativo y la versión del kernel) se exponen en texto plano. • https://lists.apache.org/thread.html/03f91b1fb85686a848cee6b90112cf6059bd1b21b23bacaa11a962e1%40%3Cdev.activemq.apache.org%3E https://lists.apache.org/thread.html/2b5c0039197a4949f29e1e2c9441ab38d242946b966f61c110808bcc%40%3Ccommits.activemq.apache.org%3E https://lists.apache.org/thread.html/2b6f04a552c6ec2de6563c2df3bba813f0fe9c7e22cce27b7829db89%40%3Cdev.activemq.apache.org%3E https://lists.apache.org/thread.html/3f1e41bc9153936e065ca3094bd89ff8167ad2d39ac0b410f24382d2%40%3Cgitbox.activemq.apache.org%3E https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2% • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-6810
https://notcve.org/view.php?id=CVE-2016-6810
In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console. The root cause of this issue is improper user data output validation. En Apache ActiveMQ en versiones 5.x anteriores a la 5.14.2, se ha identificado una instancia de una vulnerabilidad Cross-Site Scripting (XSS) que está presente en la consola de administración web. La causa del problema es la validación incorrecta de los datos de salida del usuario. • http://activemq.apache.org/security-advisories.data/CVE-2016-6810-announcement.txt http://www.securityfocus.com/bid/94882 http://www.securitytracker.com/id/1037475 https://lists.apache.org/thread.html/924a3a27fad192d711436421e02977ff90d9fc0f298e1efe6757cfbc%40%3Cusers.activemq.apache.org%3E https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-3088 – Apache ActiveMQ Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2016-3088
The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request. La aplicación web Fileserver en Apache ActiveMQ 5.x en versiones anteriores a 5.14.0 permite a atacantes remotos cargar y ejecutar archivos arbitrarios a través de un PUT HTTP seguido de una petición MOVE HTTP. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache ActiveMQ. Authentication may or may not be required to exploit this vulnerability, according to how the product has been configured. The specific flaw exists within the fileserver web service that is installed as part of this product. By issuing an HTTP PUT request and an HTTP MOVE request, an attacker can create an arbitrary file on the server with attacker controlled data. • https://www.exploit-db.com/exploits/42283 https://www.exploit-db.com/exploits/40857 https://github.com/Ma1Dong/ActiveMQ_putshell-CVE-2016-3088 https://github.com/cyberaguiar/CVE-2016-3088 https://github.com/cl4ym0re/CVE-2016-3088 https://github.com/pudiding/CVE-2016-3088 https://github.com/vonderchild/CVE-2016-3088 http://activemq.apache.org/security-advisories.data/CVE-2016-3088-announcement.txt http://rhn.redhat.com/errata/RHSA-2016-2036.html http://www.securitytracker.com • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2016-0734 – activemq: Clickjacking in Web Console
https://notcve.org/view.php?id=CVE-2016-0734
The web-based administration console in Apache ActiveMQ 5.x before 5.13.2 does not send an X-Frame-Options HTTP header, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web page that contains a (1) FRAME or (2) IFRAME element. La consola de administración basada en web en Apache ActiveMQ 5.x en versiones anteriores a 5.13.2 no envía una cabecera X-Frame-Options HTTP, lo que facilita a atacantes remotos llevar a cabo ataques de secuestro de clic a través de una página web manipulada que contiene un elemento (1) FRAME o (2) IFRAME. It was reported that the web based administration console does not set the X-Frame-Options header in HTTP responses. This allows the console to be embedded in a frame or iframe which could then be used to cause a user to perform an unintended action in the console. • http://activemq.apache.org/security-advisories.data/CVE-2016-0734-announcement.txt http://www.openwall.com/lists/oss-security/2016/03/10/11 http://www.securityfocus.com/bid/84321 http://www.securitytracker.com/id/1035327 https://access.redhat.com/errata/RHSA-2016:1424 https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2%40%3Ccommits.activemq.apache.org%3E https://access.redhat.com/security/cve/CVE-2016-0734 https://bugzilla.redhat.com/show_bug.cgi?id=1317520 • CWE-254: 7PK - Security Features •