Date: Wed, 30 Jul 2014 10:09:11 +0300 From: Henri Salo <henri@...v.fi> To: oss-security@...ts.openwall.com Subject: CVE-2014-3120 ElasticSearch Heads up if you are using ElasticSearch. There has been several cases where ElasticSearch has been used in server compromise. This is the vulnerability what they are using. I have also seen this hitting honeypots. ElasticSearch contains a flaw that is triggered as input passed via the 'source' parameter to /_search is not properly sanitized. This allows a remote attacker to manipulate files and execute arbitrary commands. OSVDB: http://osvdb.org/106949 Good article: http://bouk.co/blog/elasticsearch-rce/#how_to_secure_against_this_vulnerability --- Henri Salo Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.