Message-ID: <20140730070911.GA9168@kludge.henri.nerv.fi>
Date: Wed, 30 Jul 2014 10:09:11 +0300
From: Henri Salo <henri@...v.fi>
To: oss-security@...ts.openwall.com
Subject: CVE-2014-3120 ElasticSearch
Heads up if you are using ElasticSearch. There have been several cases where
ElasticSearch has been used in server compromise. This is the vulnerability that
they are using. I have also seen this hitting honeypots.
ElasticSearch contains a flaw that is triggered as input passed via the 'source'
parameter to /_search is not properly sanitized. This allows a remote attacker
to manipulate files and execute arbitrary commands.
OSVDB: http://osvdb.org/106949
Good article:
http://bouk.co/blog/elasticsearch-rce/#how_to_secure_against_this_vulnerability
---
Henri Salo
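As an added illustration (not part of Henri's post, and not code from the ElasticSearch project), the following Python script shows one defender-side check for the pattern the message describes: requests to `/_search` whose `source` query parameter carries a script. It assumes ElasticSearch sits behind a reverse proxy that writes combined-format access logs (ElasticSearch 1.x itself does not write an HTTP access log by default), and it uses a heuristic of its own, flagging any key in the decoded `source` JSON whose name starts with `script`. The log lines are constructed for the example; the script body in them is a placeholder, not a real payload.

```python
import json
import re
from urllib.parse import urlparse, parse_qs

# Constructed combined-format access log lines from a reverse proxy in front
# of ElasticSearch (sample data for this example, not real traffic).
SAMPLE_LOG = """\
203.0.113.10 - - [30/Jul/2014:09:58:01 +0300] "GET /_search?source=%7B%22query%22%3A%7B%22match_all%22%3A%7B%7D%7D%7D HTTP/1.1" 200 512
203.0.113.10 - - [30/Jul/2014:09:58:02 +0300] "GET /_search?source=%7B%22size%22%3A1%2C%22script_fields%22%3A%7B%22x%22%3A%7B%22script%22%3A%22placeholder-script%22%7D%7D%7D HTTP/1.1" 200 2048
198.51.100.7 - - [30/Jul/2014:09:58:03 +0300] "POST /logs-2014.07.30/_search HTTP/1.1" 200 1024
198.51.100.7 - - [30/Jul/2014:09:58:04 +0300] "GET /_cluster/health HTTP/1.1" 200 300
"""

# client, timestamp, method, request target, status, size
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) (\S+)')


def find_script_keys(obj, path=()):
    """Recursively collect dotted paths of keys whose name starts with 'script'.

    Heuristic assumption of this example: in a search body, such keys are where
    inline scripts are placed, so their presence in a 'source' parameter is
    worth alerting on.
    """
    hits = []
    if isinstance(obj, dict):
        for key, value in obj.items():
            if isinstance(key, str) and key.lower().startswith("script"):
                hits.append(".".join(path + (key,)))
            hits.extend(find_script_keys(value, path + (str(key),)))
    elif isinstance(obj, list):
        for index, value in enumerate(obj):
            hits.extend(find_script_keys(value, path + (str(index),)))
    return hits


def inspect_line(line):
    """Return a finding dict for a suspicious /_search?source= request, else None."""
    match = LOG_RE.match(line)
    if not match:
        return None
    client, when, method, target, status, _size = match.groups()
    url = urlparse(target)
    if not url.path.endswith("/_search"):
        return None
    # parse_qs percent-decodes the value, so 'source' is the raw JSON text.
    sources = parse_qs(url.query).get("source")
    if not sources:
        return None
    source = sources[0]
    try:
        body = json.loads(source)
    except ValueError:
        # Not valid JSON: fall back to a substring check so malformed but
        # script-bearing bodies are still surfaced for review.
        if "script" in source.lower():
            return {"client": client, "time": when, "path": url.path,
                    "status": status, "script_keys": [],
                    "reason": "non-JSON source mentions 'script'"}
        return None
    keys = find_script_keys(body)
    if not keys:
        return None
    return {"client": client, "time": when, "path": url.path,
            "status": status, "script_keys": keys,
            "reason": "script key(s) in 'source' parameter"}


def scan_log(text):
    """Run inspect_line over every line and return the list of findings."""
    findings = []
    for line in text.splitlines():
        finding = inspect_line(line)
        if finding:
            findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['time']} {f['client']} {f['path']} {f['status']}: "
              f"{f['reason']} {f['script_keys']}")
```

Only the second constructed line is reported: the first carries a plain `match_all` query in `source`, the third is a POST with no `source` parameter, and the fourth is not a `/_search` request. A hit on a host where scripting is not supposed to be used from the network is a reason to look at that client and, per the article linked above, to review the node's scripting and network-binding configuration.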