ID de Prueba:	1.3.6.1.4.1.25623.1.0.808146
Categoría:	Web application abuses
Título:	Apache ActiveMQ Arbitrary Code Execution Vulnerability (Jun 2016)
Resumen:	Apache ActiveMQ is prone to an arbitrary code execution vulnerability.
Descripción:	Summary: Apache ActiveMQ is prone to an arbitrary code execution vulnerability. Vulnerability Insight: The flaw exists due to an error in 'fileserver' web application, which does not validate 'HTTP PUT' and 'HTTP MOVE' requests properly. Vulnerability Impact: Successful exploitation will allow remote attackers to replace web application files with malicious code and perform remote code execution on the system. Affected Software/OS: Apache ActiveMQ Version 5.x to 5.13.2. Solution: Upgrade to Apache ActiveMQ Version 5.14.0 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-3088 https://www.exploit-db.com/exploits/42283/ http://www.zerodayinitiative.com/advisories/ZDI-16-356 http://www.zerodayinitiative.com/advisories/ZDI-16-357 https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E https://lists.apache.org/thread.html/f956ea38e4da2e2c1e7131e6f91e41754852f5a4861d1a14ca5ca78a@%3Cusers.activemq.apache.org%3E https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E RedHat Security Advisories: RHSA-2016:2036 http://rhn.redhat.com/errata/RHSA-2016-2036.html http://www.securitytracker.com/id/1035951
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.