[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Logstash vulnerability CVE-2015-4152

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Logstash vulnerability CVE-2015-4152
From: Kevin Kluge <kevin@xxxxxxxxxx>
Date: Tue, 9 Jun 2015 14:37:36 -0700

Summary:
Logstash versions 1.4.2 and prior are vulnerable to a directory traversal 
attack that allows an attacker to over-write files on the server running 
Logstash.  This vulnerability is not present in the initial installation of 
Logstash.  The vulnerability is exposed when the file output plugin is 
configured for use.  The files impacted must be writeable by the user that owns 
the Logstash process.

We have been assigned CVE-2015-4152 for this issue.


Fixed versions:
Versions 1.5.0 and 1.4.3 have addressed the vulnerability.


Remediation:
Users that currently use the file output plugin or may use it in the future 
should upgrade to 1.5.0 or 1.4.3.  This will address the vulnerability and 
preserve file output functionality.

Users that do not want to upgrade can address the vulnerability by disabling 
the file output plugin.


Credit:
Colin Coghill reported this issue.


CVSS
Overall CVSS score: 4.3

Prev by Date: [SECURITY] [DSA 3283-1] cups security update
Next by Date: Kibana vulnerability CVE-2015-4093
Previous by thread: [SECURITY] [DSA 3283-1] cups security update
Next by thread: Kibana vulnerability CVE-2015-4093
Index(es):
- Date
- Thread