FreeBSD : logstash -- Remote command execution in Logstash zabbix and nagios_nsca outputs (2184ccad-1a10-11e5-b43d-002590263bf5)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Elastic reports :

The vulnerability impacts deployments that use the either the zabbix
or the nagios_nsca outputs. In these cases, an attacker with an
ability to send crafted events to any source of data for Logstash
could execute operating system commands with the permissions of the
Logstash process.

Deployments that do not use the zabbix or the nagios_nsca outputs are
not vulnerable and do not need to upgrade for this reason.

We have added this vulnerability to our CVE page and are working on
filling out the CVE.

We would like to thank Jan Karwowski and Danila Borisiuk for reporting
the issue and working with us on the resolution.

See also :

https://www.elastic.co/blog/logstash-1-4-2
https://www.elastic.co/community/security
http://www.nessus.org/u?c5fb92aa

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 84380 ()

Bugtraq ID:

CVE ID: CVE-2014-4326

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now