oss-sec mailing list archives
CVE-2014-3120 ElasticSearch
From: Henri Salo <henri () nerv fi>
Date: Wed, 30 Jul 2014 10:09:11 +0300
Heads up if you are using ElasticSearch. There have been several cases where ElasticSearch has been used in server compromise. This is the vulnerability that they are using. I have also seen this hitting honeypots.

ElasticSearch contains a flaw that is triggered as input passed via the 'source' parameter to /_search is not properly sanitized. This allows a remote attacker to manipulate files and execute arbitrary commands.

OSVDB: http://osvdb.org/106949
Good article: http://bouk.co/blog/elasticsearch-rce/#how_to_secure_against_this_vulnerability

---
Henri Salo
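Added example, not part of the original post: a log review that flags requests to /_search carrying a 'source' query parameter, the request shape the message above describes, grouped by client address. The combined-log-format input from a reverse proxy in front of ElasticSearch, the function name and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs, unquote

# Assumed input: combined-log-format lines from a reverse proxy in front of
# ElasticSearch. The sample lines below are constructed, not real traffic.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

SAMPLE_LOG = """\
198.51.100.7 - - [30/Jul/2014:09:58:01 +0300] "GET /logs/_search?q=status:500 HTTP/1.1" 200 512
203.0.113.9 - - [30/Jul/2014:10:01:12 +0300] "GET /_search?source=%7B%22size%22%3A1%7D HTTP/1.1" 200 734
203.0.113.9 - - [30/Jul/2014:10:01:15 +0300] "GET /idx/doc/_search?pretty&source=%7B%7D HTTP/1.1" 500 211
198.51.100.7 - - [30/Jul/2014:10:02:40 +0300] "GET /_cluster/health HTTP/1.1" 200 98
garbage line that does not parse
"""


def suspicious_search_requests(log_text):
    """Return {client_ip: [(timestamp, status, decoded_source), ...]}."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        url = urlsplit(m["target"])
        # Decode the path so an encoded "_search" segment is still matched;
        # the endpoint may be /_search, /index/_search or /index/type/_search.
        segments = [s for s in unquote(url.path).split("/") if s]
        if not segments or segments[-1] != "_search":
            continue
        # parse_qs percent-decodes values; ordinary q= searches are ignored.
        params = parse_qs(url.query, keep_blank_values=True)
        for value in params.get("source", []):
            hits[m["ip"]].append((m["ts"], int(m["status"]), value))
    return dict(hits)


if __name__ == "__main__":
    for ip, events in suspicious_search_requests(SAMPLE_LOG).items():
        for ts, status, source in events:
            print(f"{ip} [{ts}] status={status} source={source!r}")
```

Access logs do not record request bodies, so this covers only requests that pass 'source' in the query string.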