Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2016 Greenbone AGOPENVAS:1361412562310808504
HistoryJun 28, 2016 - 12:00 a.m.

Elastic Logstash 'CVE-2015-4152' Directory Traversal Vulnerability - Linux

2016-06-2800:00:00
Copyright (C) 2016 Greenbone AG
plugins.openvas.org
16

6.3 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.6%

JSON

Elastic Logstash is prone to a directory traversal vulnerability.

This script has been merged into the VT

# SPDX-FileCopyrightText: 2016 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.808504");
  script_version("2023-06-27T05:05:30+0000");
  script_cve_id("CVE-2015-4152");
  script_tag(name:"cvss_base", value:"6.4");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:P/A:P");
  script_tag(name:"last_modification", value:"2023-06-27 05:05:30 +0000 (Tue, 27 Jun 2023)");
  script_tag(name:"creation_date", value:"2016-06-28 18:29:19 +0530 (Tue, 28 Jun 2016)");
  script_name("Elastic Logstash 'CVE-2015-4152' Directory Traversal Vulnerability - Linux");

  script_tag(name:"summary", value:"Elastic Logstash is prone to a directory traversal vulnerability.

  This script has been merged into the VT 'Elastic Logstash 'CVE-2015-4152' Directory Traversal Vulnerability' (OID: 1.3.6.1.4.1.25623.1.0.808094)");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"The Flaw is due to improper validation of
  path option in file output plugin.");

  script_tag(name:"impact", value:"Successful exploitation will allow remote
  attackers to write to arbitrary files.");

  script_tag(name:"qod_type", value:"remote_banner_unreliable");

  script_tag(name:"affected", value:"Elastic Logstash version prior to
  1.4.3.");

  script_tag(name:"solution", value:"Update to Elastic Logstash version 1.4.3,
  or later.");

  script_tag(name:"solution_type", value:"VendorFix");

  script_xref(name:"URL", value:"https://www.elastic.co/community/security/");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/75112");
  script_xref(name:"URL", value:"http://www.securityfocus.com/archive/1/archive/1/535725/100/0/threaded");

  script_copyright("Copyright (C) 2016 Greenbone AG");
  script_category(ACT_GATHER_INFO);
  script_family("General");

  script_tag(name:"deprecated", value:TRUE);

  exit(0);
}

exit(66);

Related

nessus 2
securityvulns 2
prion 1
zdt 1
cve 1
openvas 1
freebsd 1
nessus
nessus
FreeBSD : logstash -- Directory traversal vulnerability in the file output plugin (24bde04f-1a10-11e5-b43d-002590263bf5)
2015-06-25 00:00:00
Logstash ESA-2015-04
2018-12-06 00:00:00
securityvulns
securityvulns
Logstash vulnerability CVE-2015-4152
2015-06-14 00:00:00
Elastic Logstash directory traversal
2015-07-27 00:00:00
prion
prion
Directory traversal
2015-06-15 15:59:00
zdt
zdt
Logstash 1.4.2 Directory Traversal Vulnerability
2015-06-10 00:00:00
cve
cve
CVE-2015-4152
2015-06-15 15:59:00
openvas
openvas
Elastic Logstash 'CVE-2015-4152' Directory Traversal Vulnerability
2016-06-23 00:00:00
freebsd
freebsd
logstash -- Directory traversal vulnerability in the file output plugin
2015-06-09 00:00:00

6.3 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.6%

JSON
Related for OPENVAS:1361412562310808504
nessus2securityvulns2prion1zdt1cve1openvas1freebsd1