Description
A directory traversal vulnerability was reported in Apache ActiveMQ.
The flaw is located in the fileserver web application's upload/download functionality, which is used for blob messages. Because the file name supplied by the client is not adequately validated before it is used to build the path on disk, an unauthenticated remote attacker can write a JSP file outside the fileserver directory, for example into the admin console's web root, and then request that file to execute shell commands on the broker host.
Only setups on Windows are vulnerable.
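As an added illustration (not code from the advisory or from ActiveMQ itself), the following Python models the unsafe pattern behind a traversal of this kind, a client-supplied file name joined under the upload directory, next to a hardened replacement. It uses the standard library's ntpath and posixpath modules so that Windows and POSIX path rules can be applied on any host. The base directories and the attacker-controlled file name are constructed for the example, and treating a backslash-separated name as one way such a bug can be Windows-only is an assumption drawn from how the two platforms treat backslashes, not a statement about ActiveMQ's actual code.

```python
import ntpath
import posixpath

# Constructed paths for illustration: the fileserver web application's
# upload directory on a Windows broker and on a Linux broker.
WIN_BASE = r"C:\apache-activemq\webapps\fileserver"
POSIX_BASE = "/opt/apache-activemq/webapps/fileserver"


def _pathmod(windows):
    # Emulate the target platform's path rules regardless of where this runs.
    return ntpath if windows else posixpath


def resolve_target(base, name, windows):
    """Vulnerable pattern: join the client-supplied file name under the
    upload directory and normalise it, trusting the name completely."""
    p = _pathmod(windows)
    return p.normpath(p.join(base, name))


def escapes_base(base, name, windows):
    """True if the naive join lands outside `base` on the given platform."""
    p = _pathmod(windows)
    base_n = p.normpath(base)
    try:
        return p.commonpath([base_n, resolve_target(base, name, windows)]) != base_n
    except ValueError:
        # Different drive, or absolute/relative mix: never inside base.
        return True


def safe_target(base, name, windows):
    """Hardened pattern: accept only a bare file name, then verify that the
    resolved path is still inside `base` as a second line of defence."""
    p = _pathmod(windows)
    if not name or "\x00" in name or name in (".", ".."):
        raise ValueError("invalid file name")
    # Reject both separator styles on every platform: a backslash is a
    # plain character on POSIX but a separator on Windows, so never let it in.
    if "/" in name or "\\" in name:
        raise ValueError("path separators not allowed in file name")
    if windows and ":" in name:
        raise ValueError("drive specifier not allowed in file name")
    base_n = p.normpath(base)
    target = p.normpath(p.join(base_n, name))
    if p.commonpath([base_n, target]) != base_n:
        raise ValueError("resolved path escapes base directory")
    return target


def is_safe_name(name, windows):
    """Does the hardened check accept this name for the platform's base dir?"""
    try:
        safe_target(WIN_BASE if windows else POSIX_BASE, name, windows)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    traversal = r"..\..\admin\shell.jsp"  # constructed attacker-controlled name
    for label, base, win in (("Windows", WIN_BASE, True), ("POSIX", POSIX_BASE, False)):
        print(f"{label}: {traversal!r} -> {resolve_target(base, traversal, win)}"
              f" escapes={escapes_base(base, traversal, win)}"
              f" hardened_accepts={is_safe_name(traversal, win)}")
```

Run as a script, the same name resolves to a path under the admin web root with Windows rules and to a harmless single file name under the fileserver directory with POSIX rules; the hardened check rejects it on both, because it refuses any separator rather than relying on the host's notion of one.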
Vulnerable Products
Vulnerable Software: ActiveMQ (Apache Software Foundation) - 5.x prior to 5.11.2, when running on Windows
Solution
Apache has released ActiveMQ versions 5.11.2 and 5.12.0, which fix this vulnerability.

Workaround: if the fileserver (the upload/download service used for blob messages) is not used, disable it by removing or commenting out the following bean in the "conf\jetty.xml" file:

    <bean class="org.eclipse.jetty.webapp.WebAppContext">
        <property name="contextPath" value="/fileserver" />
        <property name="resourceBase" value="${activemq.home}/webapps/fileserver" />
        <property name="logUrlOnStart" value="true" />
        <property name="parentLoaderPriority" value="true" />
    </bean>
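As an added example (not part of the advisory or of ActiveMQ), the following Python audits a jetty.xml for an active /fileserver WebAppContext bean and applies the workaround textually by wrapping that bean in an XML comment, leaving the rest of the file untouched. The two jetty.xml samples embedded below are constructed, cut-down stand-ins for the real file; the surrounding HandlerCollection layout and the Spring beans namespace are assumptions made for the example.

```python
import re
import xml.etree.ElementTree as ET

WEBAPP_CLASS = "org.eclipse.jetty.webapp.WebAppContext"

# Constructed sample: fileserver context still active (vulnerable layout).
SAMPLE_ENABLED = """<beans xmlns="http://www.springframework.org/schema/beans">
  <bean id="handlers" class="org.eclipse.jetty.server.handler.HandlerCollection">
    <property name="handlers">
      <list>
        <bean class="org.eclipse.jetty.webapp.WebAppContext">
          <property name="contextPath" value="/admin" />
          <property name="resourceBase" value="${activemq.home}/webapps/admin" />
          <property name="logUrlOnStart" value="true" />
        </bean>
        <bean class="org.eclipse.jetty.webapp.WebAppContext">
          <property name="contextPath" value="/fileserver" />
          <property name="resourceBase" value="${activemq.home}/webapps/fileserver" />
          <property name="logUrlOnStart" value="true" />
          <property name="parentLoaderPriority" value="true" />
        </bean>
      </list>
    </property>
  </bean>
</beans>
"""

# Constructed sample: the same file with the workaround already applied.
SAMPLE_DISABLED = SAMPLE_ENABLED.replace(
    '        <bean class="org.eclipse.jetty.webapp.WebAppContext">\n'
    '          <property name="contextPath" value="/fileserver" />',
    '        <!--\n'
    '        <bean class="org.eclipse.jetty.webapp.WebAppContext">\n'
    '          <property name="contextPath" value="/fileserver" />',
).replace(
    '          <property name="parentLoaderPriority" value="true" />\n'
    '        </bean>',
    '          <property name="parentLoaderPriority" value="true" />\n'
    '        </bean>\n'
    '        -->',
)


def _local(tag):
    """Strip the XML namespace from a tag name ({ns}bean -> bean)."""
    return tag.rsplit("}", 1)[-1]


def fileserver_contexts(xml_text):
    """Return the resourceBase of every active WebAppContext bean mounted at
    /fileserver. Commented-out beans are not parsed, so applying the
    advisory's workaround makes this list empty."""
    root = ET.fromstring(xml_text)
    found = []
    for bean in root.iter():
        if _local(bean.tag) != "bean" or bean.get("class") != WEBAPP_CLASS:
            continue
        props = {p.get("name"): p.get("value")
                 for p in bean if _local(p.tag) == "property"}
        if props.get("contextPath") == "/fileserver":
            found.append(props.get("resourceBase", ""))
    return found


def fileserver_enabled(xml_text):
    return bool(fileserver_contexts(xml_text))


# One <bean>...</bean> whose body carries the /fileserver contextPath,
# without crossing into a neighbouring bean.
_FILESERVER_BEAN = re.compile(
    r'<bean\b(?:(?!</bean>).)*?name="contextPath"\s+value="/fileserver"'
    r'(?:(?!</bean>).)*?</bean>',
    re.DOTALL,
)


def disable_fileserver(xml_text):
    """Apply the workaround textually: wrap the active /fileserver bean in an
    XML comment. Returns the text unchanged if no active bean is present,
    which also avoids nesting a comment inside an existing one."""
    if not fileserver_enabled(xml_text):
        return xml_text

    def wrap(m):
        if "--" in m.group(0):
            raise ValueError("bean contains '--' and cannot be wrapped in a comment")
        return ("<!-- fileserver disabled (CVE-2015-1830 workaround)\n"
                + m.group(0) + "\n-->")

    return _FILESERVER_BEAN.sub(wrap, xml_text, count=1)


if __name__ == "__main__":
    print("enabled:", fileserver_contexts(SAMPLE_ENABLED))
    print("after workaround:", fileserver_contexts(disable_fileserver(SAMPLE_ENABLED)))
```

Point fileserver_contexts at the contents of the broker's conf\jetty.xml to confirm that the workaround actually took: it reports the mounted resourceBase only for beans the XML parser still sees, so a bean that was merely indented or renamed rather than removed or commented out is still flagged.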
CVE
CVE-2015-1830
References
- Apache Software Foundation: CVE-2015-1830 - Path traversal leading to unauthenticated RCE in ActiveMQ
  http://activemq.apache.org/security-advisories.data/CVE-2015-1830-announcement.txt
Vulnerability Manager Detection
No
IPS Protection