Red Hat Security Advisory 2014-1186-01 - The katello-configure package provides the katello-configure script, which configures the Katello installation, and the katello-upgrade script, which handles upgrades between versions. It was discovered that the default configuration of Elasticsearch enabled dynamic scripting, allowing a remote attacker to execute arbitrary MVEL expressions and Java code via the source parameter passed to _search. All Subscription Asset Manager users are advised to upgrade to this updated package. The update provides a script that modifies the elasticsearch.yml configuration file to disable dynamic scripting. After updating, run the "katello-configure" command. This will update the elasticsearch.yml configuration file and restart the elasticsearch service.
8e0e0f078d1634249edcb305467202bd802bcf0c3aae4448de08308a913120e0
Red Hat Security Advisory 2014-1170-01 - This advisory contains instructions on how to resolve one security issue in the Elasticsearch component in Fuse ESB Enterprise and Fuse MQ Enterprise 7.1.0.
cda8a55812eca23934b2ebd4c0cfda1feb81d8ddd544746c00205873c1e7ddd0
Red Hat Security Advisory 2014-1171-01 - This advisory contains instructions on how to resolve one security issue in the Elasticsearch component in Fuse ESB Enterprise and Fuse MQ Enterprise 7.1.0.
7de6d8f79c743d6c37c8104e7cee5b3a934147a40c2f09b0aac27afd5d2f12e8
Remote exploit for Elastic Search version 1.1.1 that attempts to read /etc/hosts and /etc/passwd.
9f77dafb99af40f2c2d5742a9434d5f9d672d2a7b83bbada56a2713e609f8b41
This Metasploit module exploits a remote command execution vulnerability in ElasticSearch, exploitable by default on ElasticSearch prior to 1.2.0. The bug is found in the REST API, which requires no authentication or authorization, where the search function allows dynamic script execution and can be used by remote attackers to execute arbitrary Java code. This Metasploit module has been tested successfully on ElasticSearch 1.1.1 on Ubuntu Server 12.04 and Windows XP SP3.
c25b90194192ece4e2507d09180295dea5fba7ac37136f5c31b76e2291ebeeb2
Elastic Search remote code execution exploit that leverages an issue which allows an attacker to read from and append to files on the system.
3299ff251ab0622ef68d21295c55f1a9622443f4a48b3ce749e6045ef42c4ae0