Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 30 Jul 2014 10:09:11 +0300
From: Henri Salo <henri@...v.fi>
To: oss-security@...ts.openwall.com
Subject: CVE-2014-3120 ElasticSearch

Heads up if you are using ElasticSearch. There has been several cases where
ElasticSearch has been used in server compromise. This is the vulnerability what
they are using. I have also seen this hitting honeypots.

ElasticSearch contains a flaw that is triggered as input passed via the 'source'
parameter to /_search is not properly sanitized. This allows a remote attacker
to manipulate files and execute arbitrary commands.

OSVDB: http://osvdb.org/106949
Good article:
http://bouk.co/blog/elasticsearch-rce/#how_to_secure_against_this_vulnerability

---
Henri Salo

Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ