1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Apache ActiveMQ CVE-2016-3088

Web Attack: Apache ActiveMQ CVE-2016-3088

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit an arbitrary file upload vulnerability in Apache ActiveMQ.

Additional Information

Apache ActiveMQ is a Message Broker and Enterprise Integration Patterns provider. It is implemented in Java and available for a number of platforms.

Apache ActiveMQ is prone to multiple arbitrary file-upload vulnerabilities. Specifically, this issue affects the fileserver upload or download functionality for blob messages. Attackers can exploit these issues by issuing an HTTP PUT request and an HTTP MOVE request, an attacker can create an arbitrary file on the server.

An attacker may leverage these issues to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application.

Affected

  • Apache ActiveMQ.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube