This Metasploit module exploits a vulnerability that allows remote attackers to execute arbitrary code on vulnerable installations of Apache Shiro version 1.2.4.
0f186f161bc8220e1b6f8e1a04626191746fd3904db4d3e3cd00c8971c1ab028
Red Hat Security Advisory 2016-2036-01 - Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards-compliant messaging system that is tailored for use in mission critical applications. Red Hat JBoss A-MQ 6.3 is a minor product release that updates Red Hat JBoss A-MQ 6.2.1, and includes several bug fixes and enhancements.
8cd86d79430eaadf742abab2ced8d9fbde2fbc11d3d9b054c93757686c935292
Red Hat Security Advisory 2016-2035-01 - Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss Fuse 6.3 is a minor product release that updates Red Hat JBoss Fuse 6.2.1, and includes several bug fixes and enhancements.
783d844b4a979957118ea3b2ddd3e8f2ab6d7c6074b85f24619161724330d970
Apache Shiro versions 1.0.0-incubating through 1.2.4 suffer from an information disclosure vulnerability.
7f3f67607bcb0b11683159589f2327ab0253244f1398897c94b94f1c8ef20ce6