Advisory: Multiple Splunk Vulnerabilities

Sec-1 Security Advisory
Advisory Name : Splunk Multiple Vulnerabilities
Release Date : 14/12/2012
Application : Splunk 4.2.4, 4.2.3 and 4.2.2 tested
Platform : Windows & Linux
Severity : Remote Compromise (root)
Author : Gary O’Leary-Steele
Vendor Status : Fixed in 4.2.5
Website : http://www.sec-1.com/blog
Vulnerability Summary:
Multiple vulnerabilities were discovered that could be exploited to gain remote code execution as the root/localsystem user. A full description of the discovered vulnerabilities can be found here: Download
Exploit:
Exploit code designed for use in penetration testing can be downloaded here: Download
Vendor Response:
The vendor has patched the issue in version 4.2.5. Sec-1 would like to thank Splunk for their prompt and professional response.
Common Vulnerabilities and Exposures (CVE) Information:
The Common Vulnerabilities and Exposures (CVE) project has assigned the following names to these issues. These are candidates for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems.
CVE : See PDF
Copyright 2011 Sec-1 LTD. All rights reserved.
This entry was posted in Advisories. Bookmark the permalink.

Comments are closed.