This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.
The remote web server is affected by an information disclosure
The version of ActiveMQ hosted on the remote web server has an
input validation error due to an issue with Jetty's ResourceHandler
when handling requests with additional leading slashes.
A remote attacker can leverage this issue to disclose the source
of pages, such as JSP pages, which may contain passwords and other
See also :
Either upgrade to the latest ActiveMQ 5.4 snapshot or apply the
workaround described in the bug report.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.1
Public Exploit Available : true