FreeBSD : logstash -- Directory traversal vulnerability in the file output plugin (24bde04f-1a10-11e5-b43d-002590263bf5)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Elastic reports :

An attacker could use the File output plugin with dynamic field
references in the path option to traverse paths outside of the Logstash
directory. This technique could also be used to overwrite any files
which can be accessed with the permissions associated with the Logstash
user. This release sandboxes the paths which can be traversed using the
configuration. We have also disallowed use of dynamic field references
if the path option is pointing to an absolute path.

We have added this vulnerability to our CVE page and are working on
filling out the CVE. We would like to thank Colin Coghill for
reporting the issue and working with us on the resolution.

See also :

https://www.elastic.co/blog/logstash-1-4-3-released
https://www.elastic.co/community/security
http://www.nessus.org/u?b69484ae

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 6.4
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 84381

Bugtraq ID:

CVE ID: CVE-2015-4152
