Advisory: Multiple Splunk Vulnerabilities

Sec-1 Security Advisory
Advisory Name : Splunk Multiple Vulnerabilities
Release Date : 14/12/2012
Application : Splunk 4.2.4, 4.2.3 and 4.2.2 tested
Platform : Windows & Linux
Severity : Remote Compromise (root)
Author : Gary O’Leary-Steele
Vendor Status : Fixed in 4.2.5
Website :
Vulnerability Summary:
Multiple vulnerabilities were discovered that could be exploited to gain remote code execution as the root/localsystem user. A full description of the discovered vulnerabilities can be found here: Download
Exploit code designed for use in penetration testing can be downloaded here: Download
Vendor Response:
The vendor has patched the issue in version 4.2.5. Sec-1 would like to thank Splunk for their prompt and professional response.
Common Vulnerabilities and Exposures (CVE) Information:
The Common Vulnerabilities and Exposures (CVE) project has assigned the following names to these issues. These are candidates for inclusion in the CVE list (, which standardizes names for security problems.
Copyright 2011 Sec-1 LTD. All rights reserved.
This entry was posted in Advisories. Bookmark the permalink.

Comments are closed.