Full Disclosure mailing list archives
Re: Splunk Vulnerability
From: "Michael D. Wood" <mike () itsecuritypros org>
Date: Thu, 06 Sep 2012 04:57:18 -0400
And I'm sure glad you took the time to notice! -- Michael D. Wood ITSecurityPros.org www.itsecuritypros.org ----- Reply message ----- From: "Benji" <me () b3nji com> To: "Michael D. Wood" <mike () itsecuritypros org> Cc: "JxT" <jxt.lists () gmail com>, "Zach C." <fxchip () gmail com>, <full-disclosure () lists grok org uk> Subject: [Full-disclosure] Splunk Vulnerability Date: Thu, Sep 6, 2012 4:53 am well Im glad we got multiple emails saying you all agree,. On Thu, Sep 6, 2012 at 8:50 AM, Michael D. Wood <mike () itsecuritypros org> wrote:
I agree. Splunk *IS* doing what it was designed to do. -- Michael D. Wood ITSecurityPros.org www.itsecuritypros.org From: JxT [mailto:jxt.lists () gmail com] Sent: Thursday, September 06, 2012 2:19 AM To: Zach C. Cc: Michael D. Wood; full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] Splunk Vulnerability On Wed, Sep 5, 2012 at 11:30 PM, Zach C. <fxchip () gmail com> wrote: 1.) The tool, Splunk, is designed to index logs 2.) Logs are arbitrary files. Therefore, 3.) Splunk is designed to index arbitrary files. Agreed, Splunk is doing exactly what it's designed to do. This is not a vulnerability within Splunk itself. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Splunk Vulnerability Rodrigo Salvalagio (Sep 03)
- Re: Splunk Vulnerability Michael D. Wood (Sep 05)
- Re: Splunk Vulnerability Zach C. (Sep 05)
- Re: Splunk Vulnerability JxT (Sep 05)
- Re: Splunk Vulnerability Michael D. Wood (Sep 06)
- Re: Splunk Vulnerability Benji (Sep 06)
- Re: Splunk Vulnerability Zach C. (Sep 05)
- Re: Splunk Vulnerability Michael D. Wood (Sep 05)
- <Possible follow-ups>
- Re: Splunk Vulnerability Michael D. Wood (Sep 06)