[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] CVE-2014-3120 ElasticSearch
From: Henri Salo <henri () nerv ! fi>
Date: 2014-07-30 7:09:11
Message-ID: 20140730070911.GA9168 () kludge ! henri ! nerv ! fi
[Download RAW message or body]
Heads up if you are using ElasticSearch. There has been several cases where
ElasticSearch has been used in server compromise. This is the vulnerability what
they are using. I have also seen this hitting honeypots.
ElasticSearch contains a flaw that is triggered as input passed via the 'source'
parameter to /_search is not properly sanitized. This allows a remote attacker
to manipulate files and execute arbitrary commands.
OSVDB: http://osvdb.org/106949
Good article:
http://bouk.co/blog/elasticsearch-rce/#how_to_secure_against_this_vulnerability
---
Henri Salo
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic