ID de Prueba:	1.3.6.1.4.1.25623.1.0.901110
Categoría:	Web application abuses
Título:	Apache ActiveMQ Source Code Information Disclosure Vulnerability
Resumen:	Apache ActiveMQ is prone to source code information disclosure vulnerability.
Descripción:	Summary: Apache ActiveMQ is prone to source code information disclosure vulnerability. Vulnerability Insight: The flaw is caused by improper validation of URL. Adding '//' after the port in an URL causes it to disclose the JSP page source. Vulnerability Impact: Successful exploitation allows an attacker to view the source code of a visited page which can be used for further attacks. Affected Software/OS: Apache ActiveMQ 5.3.1 and prior. Solution: Upgrade to the latest version of ActiveMQ 5.4.0 SNAPSHOT or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1587 BugTraq ID: 39636 http://www.securityfocus.com/bid/39636 Bugtraq: 20100422 Apache ActiveMQ is prone to source code disclosure vulnerability. (Google Search) http://www.securityfocus.com/archive/1/510896/100/0/threaded http://archives.neohapsis.com/archives/fulldisclosure/2010-04/0278.html http://www.osvdb.org/64020 http://secunia.com/advisories/39567 http://www.vupen.com/english/advisories/2010/0979
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.