Category Archives: Checkpoint

Checkpoint

Apache ActiveMQ Fileserver Multi Methods Directory Traversal (CVE-2016-3088)

A directory traversal vulnerability exists in Apache ActiveMQ. The vulnerability is due to insufficient input validation in the destination header when processing a MOVE request or in the file upload functionality when processing a PUT request. A remote, unauthenticated attacker may exploit this vulnerability by sending a file with a PUT request, followed by a crafted MOVE request to the server or by sending a malicious file using a crafted PUT request to replace executable components of ActiveMQ.