[rabbitmq-discuss] Possible RabbitMQ 3.0.4 Management Plug-in (Mochiweb) Directory Traversal Vulnerability?

Zach Austin zachary.w.austin at gmail.com
Wed Jul 10 01:05:46 BST 2013

Hello all,

A commercial off-the-shelf vulnerability scanner is detecting a directory 
traversal vulnerability in the RabbitMQ management plugin HTTP server 
(Mochiweb) installed in the default configuration on Windows Server 2003. 
Exploitation of the vulnerability reportedly does not require 

I can provide details upon request.  Please let me know if this is a known 
issue and whether there are patches available that may resolve this issue.

Thank you.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20130709/60b9c190/attachment.htm>

More information about the rabbitmq-discuss mailing list