Date: Wed, 30 Jul 2014 10:09:11 +0300 From: Henri Salo <henri@...v.fi> To: oss-security@...ts.openwall.com Subject: CVE-2014-3120 ElasticSearch Heads up if you are using ElasticSearch. There has been several cases where ElasticSearch has been used in server compromise. This is the vulnerability what they are using. I have also seen this hitting honeypots. ElasticSearch contains a flaw that is triggered as input passed via the 'source' parameter to /_search is not properly sanitized. This allows a remote attacker to manipulate files and execute arbitrary commands. OSVDB: http://osvdb.org/106949 Good article: http://bouk.co/blog/elasticsearch-rce/#how_to_secure_against_this_vulnerability --- Henri Salo Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ