FreeBSD : logstash -- Directory traversal vulnerability in the file output plugin (24bde04f-1a10-11e5-b43d-002590263bf5)

medium Nessus Plugin ID 84381

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Elastic reports:

An attacker could use the File output plugin with dynamic field references in the path option to traverse paths outside of the Logstash directory. This technique could also be used to overwrite any files which can be accessed with the permissions associated with the Logstash user.
This release sandboxes the paths which can be traversed using the configuration. We have also disallowed the use of dynamic field references if the path option is pointing to an absolute path.

We have added this vulnerability to our CVE page and are working on filling out the CVE. We would like to thank Colin Coghill for reporting the issue and working with us on the resolution.
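The two controls Elastic describes above, an absolute-path ban for templates containing dynamic field references and a sandbox for the resolved path, as an added illustration in Ruby (Logstash's implementation language). This is not Logstash's own code; the function names, the %{field} syntax handling and the assumption that a static path is trusted operator configuration while a dynamic one must resolve under base_dir are the example's own.

```ruby
# Added example, not Logstash's own code: a path-sandboxing check modelled on
# the mitigation described in the advisory. %{name} references are expanded
# from the event, dynamic references are refused in an absolute template, and
# a dynamic path must resolve inside base_dir. A static template is assumed to
# be trusted operator configuration and is used as written.

require 'pathname'

FIELD_REF = /%\{([^}]+)\}/.freeze

class UnsafePathError < StandardError; end

# Constructed sample event (not captured from any real system).
SAMPLE_EVENT = { 'host' => 'web01', 'type' => '../../outside' }.freeze

# Expand %{field} references from an event hash. An unknown field is an error
# rather than an empty string, so a missing field cannot silently change the path.
def interpolate(template, event)
  template.gsub(FIELD_REF) do
    name = Regexp.last_match(1)
    raise UnsafePathError, "unknown field #{name}" unless event.key?(name)
    event[name].to_s
  end
end

# Returns the absolute path to write to, or raises UnsafePathError.
def resolve_output_path(base_dir, template, event)
  base = File.expand_path(base_dir)
  return File.expand_path(template, base) unless template.match?(FIELD_REF)

  if Pathname.new(template).absolute?
    raise UnsafePathError, 'dynamic field references are not allowed in an absolute path'
  end

  candidate = File.expand_path(interpolate(template, event), base)
  # Compare with a trailing separator so "/var/logstash-evil" is not accepted
  # as lying inside "/var/logstash".
  unless candidate.start_with?(base + File::SEPARATOR)
    raise UnsafePathError, "path #{candidate} escapes #{base}"
  end
  candidate
end

# Wrapper for callers that prefer to drop the event instead of raising.
def safe_output_path(base_dir, template, event)
  resolve_output_path(base_dir, template, event)
rescue UnsafePathError
  nil
end
```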

Solution

Update the affected package.

See Also

https://www.elastic.co/blog/logstash-1-4-3-released

https://www.elastic.co/community/security

http://www.nessus.org/u?f41867a7

Plugin Details

Severity: Medium

ID: 84381

File Name: freebsd_pkg_24bde04f1a1011e5b43d002590263bf5.nasl

Version: 2.4

Type: local

Published: 6/25/2015

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 2.5

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:logstash, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 6/24/2015

Vulnerability Publication Date: 6/9/2015

Reference Information

CVE: CVE-2015-4152