Apache ActiveMQ Fileserver remote code execution vulnerability in CVE-2016-3088)

Apache ActiveMQ Fileserver remote code execution vulnerability in CVE-2016-3088)
Apache ActiveMQ Fileserver remote code execution vulnerability in CVE-2016-3088)

Release date:
Updated on:

Affected Systems:

Apache Group ActiveMQ 5.0.0-5.13.2

Description:

CVE (CAN) ID: CVE-2016-3088

Apache ActiveMQ is a message transmission and integration mode provider.

Apache ActiveMQ Fileserver web programs have multiple security vulnerabilities, which allow remote attackers to replace Web applications with malicious code and execute remote code on affected systems.

<* Source: Simon Zuckerbraun
*>

Suggestion:

Vendor patch:

Apache Group
------------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://activemq.apache.org/security-advisories.data/CVE-2016-3088-announcement.txt

Recommended reading:

Spring + Log4j + ActiveMQ Remote logging-practice + Analysis

ActiveMQ practice in Spring

ActiveMQ installation in Linux

ACTIVEMQ server in Ubuntu

Error solving when ActiveMQ is started in CentOS 6.5

Spring + JMS + ActiveMQ + Tomcat Implement Message Service

Set ActiveMQ port and WEB port in Linux

ActiveMQ details: click here
ActiveMQ: click here

This article permanently updates the link address: