FreeBSD : elasticsearch -- directory traversal attack with site plugins (a71e7440-1ba3-11e5-b43d-002590263bf5)

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Elastic reports :

Vulnerability Summary: All Elasticsearch versions prior to 1.5.2 and
1.4.5 are vulnerable to a directory traversal attack that allows an
attacker to retrieve files from the server running Elasticsearch when
one or more site plugins are installed, or when Windows is the server
OS.

Remediation Summary: Users should upgrade to 1.4.5 or 1.5.2. Users
that do not want to upgrade can address the vulnerability by disabling
site plugins. See the CVE description for additional options.

See also :

https://www.elastic.co/community/security
https://www.elastic.co/blog/elasticsearch-1-5-2-and-1-4-5-released
http://www.nessus.org/u?6b1f8241
http://www.securityfocus.com/archive/1/535385
http://www.nessus.org/u?df28acea

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 3.4
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 84413 ()

Bugtraq ID: 74353

CVE ID: CVE-2015-3337

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now