oss-sec mailing list archives
[ANNOUNCE] CVE-2015-1830 - Path traversal leading to unauthenticated RCE in ActiveMQ
From: Dejan Bosanac <dejan () nighttale net>
Date: Mon, 17 Aug 2015 14:29:05 +0200
A security vulnerabilities is reported against Apache ActiveMQ 5.11.1 and older versions Please check the following document and see if you’re affected http://activemq.apache.org/security-advisories.data/CVE-2015-1830-announcement.txt Apache ActiveMQ 5.12.0 and 5.11.2 with appropriate fixes are released and available for upgrade. There's also a configuration workaround that resolves the problem (described in the announcement). Regards -- Dejan Bosanac about.me/dejanb
Current thread:
- [ANNOUNCE] CVE-2015-1830 - Path traversal leading to unauthenticated RCE in ActiveMQ Dejan Bosanac (Aug 17)