Download Apache Activemq 5.15 8 !FREE!
Glenda Cavicchia
Jack Tauson wrote:Right. In spite of it telling me that it's already running, I am wondering why I'm not able to see it listening on port 61616?
The following command doesn't shows anything :[activemq@myservername apache-activemq-5.15.11]$ netstat -a grep 61616[activemq@myservername apache-activemq-5.15.11]$
Whereas, on the other RHEL server, where it is running, I can see the following:
[jtauson@myservernam1 apache-activemq-5.15.8]$ netstat -natp grep 61616(Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.)tcp 0 0 0.0.0.0:61616 0.0.0.0:* LISTEN -tcp 0 0 127.0.0.1:41290 127.0.0.1:61616 ESTABLISHED -tcp 0 0 127.0.0.1:61616 127.0.0.1:41290 ESTABLISHED -
Ron McLeod wrote:Jack Tauson wrote:Right. In spite of it telling me that it's already running, I am wondering why I'm not able to see it listening on port 61616?
The following command doesn't shows anything :[activemq@myservername apache-activemq-5.15.11]$ netstat -a grep 61616[activemq@myservername apache-activemq-5.15.11]$
Whereas, on the other RHEL server, where it is running, I can see the following:
[jtauson@myservernam1 apache-activemq-5.15.8]$ netstat -natp grep 61616(Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.)tcp 0 0 0.0.0.0:61616 0.0.0.0:* LISTEN -tcp 0 0 127.0.0.1:41290 127.0.0.1:61616 ESTABLISHED -tcp 0 0 127.0.0.1:61616 127.0.0.1:41290 ESTABLISHED -
Ron McLeod wrote:Well .. my first guess would be that it is not configured to use port 61616. Check your configuration to verify (I think it is an attribute of the transportConnector element in the activemq.xml file).
Ron McLeod wrote:Ron McLeod wrote:Well .. my first guess would be that it is not configured to use port 61616. Check your configuration to verify (I think it is an attribute of the transportConnector element in the activemq.xml file).
Jack Tauson wrote:[activemq@myserver apache-activemq-5.15.11]$ netstat -a grep 61616tcp6 0 0 [::]:61616 [::]:* LISTEN
However, I'm still not sure why it's picking up "tcp6" instead of "tcp" above.
Sonatype Nexus auditor is reporting following log4j related security issue on Apache ActiveMQ 5.15.10 and 5.15.11. Recommendation is to use org.apache.logging.log4j:log4j-core version(s) 2.8.2 and above. Can you please check if Apache ActiveMQ is vulnerable and if so upgrade based on the recommendation?
NOTE: Starting with version(s) 2.x, log4j:log4j was relocated to org.apache.logging.log4j:log4j-core. A variation of this vulnerability exists in org.apache.logging.log4j:log4j-core as CVE-2017-5645, in versions up to but excluding 2.8.2.
Detection
Starting with version(s) 2.x, log4j:log4j was relocated to org.apache.logging.log4j:log4j-core. A variation of this vulnerability exists in org.apache.logging.log4j:log4j-core as CVE-2017-5645, in versions up to but excluding 2.8.2. Therefore, it is recommended to upgrade to org.apache.logging.log4j:log4j-core version(s) 2.8.2 and above. For log4j:log4j 1.x versions however, a fix does not exist.
Root Cause
activemq-all-5.15.10.jar
Executing the preliminary phases of the attack, such as conducting port scanning (61616/tcp apachemq ActiveMQ OpenWire transport) and accessing the admin interface using the default credentials "admin/admin," revealed that the ActiveMQ version in use was "5.15.15." By accessing the PRIOn Knowledge Base, the exploitation tab revealed that numerous exploits exist to exploit this vulnerability.
Amazon MQ has released the latest ActiveMQ minor versions 5.15.16, 5.16.7, 5.17.6 with a critical update. We have deprecated the older minor versions of ActiveMQ and will be updating all brokers on any version of 5.15 to 5.15.16, or 5.16 to 5.16.7 and 5.17 to 5.17.6.
I am testing an ActiveMQ with SoapUI - HermesJMS but I got the error "baseDirectory is not a valid property for org.apache.activemq.ActiveMQConnectionFactory - removed". After I selected the plug-in ActivateMQ, I cannot open the created session to add properties or change the properties.
2023-10-31 05:04:58,736 WARN Transport Connection to: tcp://192.168.86.35:15871 failed: java.net.SocketException: An established connection was aborted by the software in your host machine org.apache.activemq.broker.TransportConnection.Transport ActiveMQ Transport: tcp:///192.168.86.35:15871@61616
df19127ead