[
https://issues.apache.org/activemq/browse/AMQ-2700?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=59591#action_59591
]
Gary Tully commented on AMQ-2700:
---------------------------------
does this resolve the following, looks like it does to me, same sort of issue
about restricting access to the resource loader:
iDefense VCP Submission V-ay6t2oua0k
05/05/2010
Apache ActiveMQ Directory Traversal Vulnerability
Description:
Remote exploitation of a directory traversal vulnerability in Apache Software
Foundation's Apache ActiveMQ could allow an attacker to download files from a
restricted directory, which can result in information disclosure.
Apache ActiveMQ is a messaging and enterprise integration patterns provider.
The platform provides a Message Broker which handles communication between
several different applications. Apache ActiveMQ supports many popular
development languages including C/C++, Python, Java, and .NET. Apache ActiveMQ
runs on a variety of platforms, including Windows, Linux and Solaris
For more information, see the vendor's site at the following link:
http://activemq.apache.org
The vulnerability is due to a failure by the Message Broker to restrict
directory traversals. As a result, sensitive locations outside the configured
Message Broker restricted directory can be accessed by an attacker. No
authentication is required to access the ActiveMQ Message Broker service.
Analysis:
Exploitation of this vulnerability could allow an attacker to gain control over
the affected machine.
By specifying a URL location with multiple directory traversal sequences such
as "/\../\../\", it is possible for an attacker to access sensitive files
hosted on the Message Broker Server using the privileges associated with the
Message Broker process. An attacker may be able to read important system files,
which will result in information disclosure, and can potentially lead to full
host compromise.
iDefense considers this vulnerability to be of MEDIUM severity because the
vulnerability leads to information disclosure.
Credit:
AbdulAziz Hariri
> Apache ActiveMQ is prone to source code disclosure vulnerability.
> -----------------------------------------------------------------
>
> Key: AMQ-2700
> URL: https://issues.apache.org/activemq/browse/AMQ-2700
> Project: ActiveMQ
> Issue Type: Bug
> Affects Versions: 5.3.1
> Environment: Linux/Windows environment
> Reporter: Veerendra G.G
> Assignee: Dejan Bosanac
> Priority: Critical
> Fix For: 5.3.2, 5.4.0
>
> Attachments: SECPOD_ActiveMQ.txt
>
>
> An input validation error is present in Apache ActiveMQ. Adding '//' after the
> port in an URL causes it to disclose the JSP page source.
> This has been tested on various admin pages,
> admin/index.jsp, admin/queues.jsp, admin/topics.jsp etc.
> NOTE : Refer attached file for complete information/advisory.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
