CVE-2014-3120 ElasticSearch

[Henri Salo <henri () nerv fi>]

Heads up if you are using ElasticSearch. There has been several cases where
ElasticSearch has been used in server compromise. This is the vulnerability what
they are using. I have also seen this hitting honeypots.

ElasticSearch contains a flaw that is triggered as input passed via the 'source'
parameter to /_search is not properly sanitized. This allows a remote attacker
to manipulate files and execute arbitrary commands.

OSVDB: http://osvdb.org/106949
Good article:
http://bouk.co/blog/elasticsearch-rce/#how_to_secure_against_this_vulnerability

---
Henri Salo

Attachment: signature.asc
Description: Digital signature