SecuritySpace - CVE-2015-6524

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2015-6524

Description: The LDAPLoginModule implementation in the Java Authentication and Authorization Service (JAAS) in Apache ActiveMQ 5.x before 5.10.1 allows wildcard operators in usernames, which allows remote attackers to obtain credentials via a brute force attack. NOTE: this identifier was SPLIT from CVE-2014-3612 per ADT2 due to different vulnerability types.

Test IDs: 1.3.6.1.4.1.25623.1.0.869989

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2015-6524
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168094.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168651.html

CVE ID:	CVE-2015-6524
Description:	The LDAPLoginModule implementation in the Java Authentication and Authorization Service (JAAS) in Apache ActiveMQ 5.x before 5.10.1 allows wildcard operators in usernames, which allows remote attackers to obtain credentials via a brute force attack. NOTE: this identifier was SPLIT from CVE-2014-3612 per ADT2 due to different vulnerability types.
Test IDs:	1.3.6.1.4.1.25623.1.0.869989
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2015-6524 http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168094.html http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168651.html