exploit the possibilities

Logstash 1.5.3 Man-In-The-Middle

Logstash 1.5.3 Man-In-The-Middle
Posted Aug 23, 2015
Authored by Markus Frosch

Logstash 1.5.3 and prior versions are vulnerable to a SSL/TLS security issue which allows an attacker to successfully implement a man in the middle attack. This vulnerability is not present in the initial installation of Logstash. This insecurity is exposed when users configure Lumberjack output to connect two Logstash instances. In such deployments, a Logstash instance is used to collect logs from a webserver and securely transmit them to a central Logstash instance to perform additional filtering and storing.

tags | advisory
advisories | CVE-2015-5619
MD5 | 226193777d29ba6c3f236b7518000313

Logstash 1.5.3 Man-In-The-Middle

Change Mirror Download
Summary:
Logstash 1.5.3 and prior versions are vulnerable to a SSL/TLS security
issue which allows an attacker to successfully implement a man in the
middle attack. This vulnerability is not present in the initial
installation of Logstash. This insecurity is exposed when users
configure Lumberjack output to connect two Logstash instances. In such
deployments, a Logstash instance is used to collect logs from a
webserver and securely transmit them to a central Logstash instance to
perform additional filtering and storing.

Note: Communication between Logstash Forwarder and Lumberjack Input in
Logstash is not affected by this vulnerability.

We have been assigned CVE-2015-5619 for this issue.

Fixed versions:
Version 1.5.4 and 1.4.5 has been patched with a fix that addresses
this vulnerability.

Remediation:
Users that currently use Logstash with the Lumberjack output or may
want to use it in the future should upgrade to 1.5.4 or 1.4.5.

Users that do not want to upgrade can address the vulnerability by
disabling the Lumberjack output.

Credit:
Markus Frosch reported this issue.

CVSS
Overall CVSS score: 4.3
Login or Register to add favorites

File Archive:

July 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    13 Files
  • 2
    Jul 2nd
    12 Files
  • 3
    Jul 3rd
    1 Files
  • 4
    Jul 4th
    2 Files
  • 5
    Jul 5th
    34 Files
  • 6
    Jul 6th
    21 Files
  • 7
    Jul 7th
    21 Files
  • 8
    Jul 8th
    13 Files
  • 9
    Jul 9th
    6 Files
  • 10
    Jul 10th
    1 Files
  • 11
    Jul 11th
    3 Files
  • 12
    Jul 12th
    15 Files
  • 13
    Jul 13th
    19 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    15 Files
  • 16
    Jul 16th
    9 Files
  • 17
    Jul 17th
    2 Files
  • 18
    Jul 18th
    2 Files
  • 19
    Jul 19th
    19 Files
  • 20
    Jul 20th
    21 Files
  • 21
    Jul 21st
    53 Files
  • 22
    Jul 22nd
    14 Files
  • 23
    Jul 23rd
    14 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close