what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

Files

Logstash 1.5.3 Man-In-The-Middle
Posted Aug 23, 2015
Authored by Markus Frosch

Logstash 1.5.3 and prior versions are vulnerable to a SSL/TLS security issue which allows an attacker to successfully implement a man in the middle attack. This vulnerability is not present in the initial installation of Logstash. This insecurity is exposed when users configure Lumberjack output to connect two Logstash instances. In such deployments, a Logstash instance is used to collect logs from a webserver and securely transmit them to a central Logstash instance to perform additional filtering and storing.

tags | advisory
advisories | CVE-2015-5619
SHA-256 | 8d94729ca78c886be74f1b17d603715f06729caa799a8b733cda4e486099eb9a

Related Files

Logstash 1.5.2 SSL/TLS FREAK
Posted Jul 21, 2015
Authored by Kevin Kluge, Accenture Security Team

Logstash 1.5.2 and prior versions are vulnerable to a SSL/TLS security issue called the FREAK attack. If you are using the Lumberjack input, FREAK allows an attacker to successfully implement a man in the middle attack, intercepting communication between the Logstash Forwarder agent and Logstash server.

tags | advisory
advisories | CVE-2015-5378
SHA-256 | b7135fa3ae882e982da1c97f18565f7476767f2800a6c0cc71e186e95bad5b18
Logstash 1.4.2 Directory Traversal
Posted Jun 10, 2015
Authored by Kevin Kluge

Logstash versions 1.4.2 and prior are vulnerable to a directory traversal attack that allows an attacker to overwrite files on the server running Logstash.

tags | advisory, file inclusion
advisories | CVE-2015-4152
SHA-256 | 15f05c723e1b04d767214a61d1c74ca2c6761f51c75c29b5564d9ff5525fe92f
Elasticsearch Logstash 1.4.1 Command Execution
Posted Jul 21, 2014
Authored by Jordan Sissel

Elasticsearch Logstash versions 1.0.14 through 1.4.1 suffer from a remote command execution vulnerability.

tags | advisory, remote
advisories | CVE-2014-4326
SHA-256 | af4c8c7dd3bc0722d099ec0c672298ee3ab08240c306a42f89bf7e33cf00c9e4
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    32 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close