Apache ActiveMQ Failover Mechanism Remote Denial Of Service Vulnerability
BID:50904
Info
Apache ActiveMQ Failover Mechanism Remote Denial Of Service Vulnerability
| Bugtraq ID: | 50904 |
| Class: | Input Validation Error |
| CVE: |
CVE-2011-4905 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 05 2011 12:00AM |
| Updated: | Dec 30 2011 04:50PM |
| Credit: | Luca Carettoni |
| Vulnerable: |
Apache Software Foundation Apache ActiveMQ 5.5 Apache Software Foundation Apache ActiveMQ 5.3.1 Apache Software Foundation Apache ActiveMQ 5.3 Apache Software Foundation Apache ActiveMQ 5.2 Apache Software Foundation Apache ActiveMQ 5.4 SNAPSHOT Apache Software Foundation Apache ActiveMQ 5.4 |
| Not Vulnerable: | |
Discussion
Apache ActiveMQ Failover Mechanism Remote Denial Of Service Vulnerability
Apache ActiveMQ is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to trigger an exception and cause the broker service to crash.
Apache ActiveMQ is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to trigger an exception and cause the broker service to crash.
Exploit / POC
Apache ActiveMQ Failover Mechanism Remote Denial Of Service Vulnerability
An attacker can use readily available network utilities to exploit this issue.
An attacker can use readily available network utilities to exploit this issue.
Solution / Fix
Apache ActiveMQ Failover Mechanism Remote Denial Of Service Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
Apache ActiveMQ Failover Mechanism Remote Denial Of Service Vulnerability
References:
References:
- Apache ActiveMQ Failover Mechanism Remote Denial Of Service Vulnerability (Luca Carettoni)
- Apache ActiveMQ Homepage (Apache Software Foundation)