FreeBSD : logstash -- Directory traversal vulnerability in the file output plugin (24bde04f-1a10-11e5-b43d-002590263bf5)

Medium Nessus Plugin ID 84381


The remote FreeBSD host is missing a security-related update.


Elastic reports:

An attacker could use the File output plugin with dynamic field references in the path option to traverse paths outside of the Logstash directory. This technique could also be used to overwrite any files which can be accessed with permissions associated with the Logstash user.
This release sandboxes the paths which can be traversed using the configuration. We have also disallowed use of dynamic field references if the path option is pointing to an absolute path.

We have added this vulnerability to our CVE page and are working on filling out the CVE. We would like to thank Colin Coghill for reporting the issue and working with us on the resolution.
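The two mitigations quoted above (confining rendered paths to a directory, and refusing field references in an absolute path) can be sketched as follows. This is an added example, not code from Logstash or its file output plugin; the helper names, the `%{field}` substitution and the base directory `/var/log/logstash` are assumptions.

```ruby
# Added illustration; helper names and the base directory are hypothetical,
# not the Logstash file output plugin's code.
FIELD_REF = /%\{([^}]+)\}/ # matches dynamic references such as %{host}

class PathEscapeError < StandardError; end

# Replace each %{field} with the event's value (empty string if missing).
def render_path(template, event)
  template.gsub(FIELD_REF) { event.fetch(Regexp.last_match(1), "").to_s }
end

# Returns the absolute path to write to, or raises if the configuration or
# the rendered path is unsafe.
def resolve_output_path(template, event, base_dir)
  dynamic = template.match?(FIELD_REF)
  if dynamic && template.start_with?(File::SEPARATOR)
    raise ArgumentError, "field references are not allowed in an absolute path"
  end

  root = File.expand_path(base_dir)
  # expand_path collapses "." and ".." lexically; it does not resolve symlinks.
  candidate = File.expand_path(render_path(template, event), root)
  return candidate unless dynamic # static path: operator-controlled config

  unless candidate.start_with?(root + File::SEPARATOR)
    raise PathEscapeError, "rendered path leaves #{root}: #{candidate}"
  end
  candidate
end

# Constructed sample events: one benign, one with traversal in a field value.
SAMPLE_EVENTS = [
  { "host" => "web01" },
  { "host" => "../../../tmp/outside" }
].freeze

# Renders each sample event; returns the path or a rejection message.
def demo(base_dir = "/var/log/logstash")
  SAMPLE_EVENTS.map do |event|
    begin
      resolve_output_path("logs/%{host}.log", event, base_dir)
    rescue PathEscapeError => e
      "rejected: #{e.message}"
    end
  end
end
```

Because the containment check is lexical, a symlink inside the base directory can still point elsewhere; resolving the parent directory with `File.realpath` before opening the file closes that gap.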


Update the affected package.

Plugin Details

Severity: Medium

ID: 84381

File Name: freebsd_pkg_24bde04f1a1011e5b43d002590263bf5.nasl

Version: $Revision: 2.1 $

Type: local

Published: 2015/06/25

Modified: 2015/06/25

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:logstash, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2015/06/24

Vulnerability Publication Date: 2015/06/09

Reference Information

CVE: CVE-2015-4152