Bug 934931 (CVE-2015-4152) - VUL-0: CVE-2015-4152: logstash: Directory traversal vulnerability in the file output plugin
Status: RESOLVED FIXED
Alias: CVE-2015-4152
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
: P3 - Medium : Major
Target Milestone: ---
Assignee: Robert Wawrig
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/117682/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-06-16 13:23 UTC by Andreas Stieger
Modified: 2015-06-17 16:28 UTC

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Description Andreas Stieger 2015-06-16 13:23:32 UTC
Directory traversal vulnerability in the file output plugin in Elasticsearch
Logstash before 1.4.3 allows remote attackers to write to arbitrary files via
vectors related to dynamic field references in the path option.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4152
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4152
http://packetstormsecurity.com/files/132233/Logstash-1.4.2-Directory-Traversal.html
http://www.securityfocus.com/archive/1/archive/1/535725/100/0/threaded
https://www.elastic.co/blog/logstash-1-4-3-released
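
The issue described above, as an added Ruby example that is not part of the bug report and is not Logstash's own code: a `path` template containing a field reference is expanded from event data, and a containment check rejects any result that leaves the template's static directory. The helper names, the template and the sample events are constructed for illustration.

```ruby
# Constructed template in the style of a file output "path" option.
TEMPLATE = '/var/log/logstash/%{host}/app.log'

# Hypothetical helper: substitute %{field} references with event values.
def expand_path(template, event)
  template.gsub(/%\{([^}]+)\}/) { event.fetch(Regexp.last_match(1), '').to_s }
end

# Static directory of the template: everything before the first %{...}
# reference, cut back to the last directory separator.
def template_root(template)
  prefix = template.split('%{', 2).first
  prefix.end_with?('/') ? prefix : File.dirname(prefix)
end

# Returns the normalized path if it stays under the static root, else nil.
# File.expand_path collapses ".." lexically; it does not resolve symlinks.
def contained_path(template, event)
  root = File.expand_path(template_root(template))
  candidate = File.expand_path(expand_path(template, event))
  # Compare against "root/" so a sibling such as /var/log/logstash-old
  # is not mistaken for a child of /var/log/logstash.
  root_prefix = root.end_with?('/') ? root : root + '/'
  candidate.start_with?(root_prefix) ? candidate : nil
end

# Constructed sample events: one ordinary, two whose field value walks
# out of the intended directory.
SAMPLE_EVENTS = [
  { 'host' => 'web01' },
  { 'host' => '../../../tmp/x' },
  { 'host' => '../logstash-old' }
].freeze

SAMPLE_EVENTS.each do |event|
  safe = contained_path(TEMPLATE, event)
  verdict = safe ? "write to #{safe}" : 'rejected: path leaves template root'
  puts "#{event['host'].inspect} -> #{verdict}"
end
```
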
Comment 2 Swamp Workflow Management 2015-06-16 22:00:32 UTC
bugbot adjusting priority
Comment 3 Robert Wawrig 2015-06-17 16:28:14 UTC
We are not using the file output plugin.
Logstash on loganalyzer-admin.suse.de updated from v1.4.2 to v1.5.1