2 matches found
Splunk collect file Directory Traversal (CVE-2013-6771)
A directory traversal vulnerability has been found in Splunk. The vulnerability is due to insufficient sanitization of user-provided input to the advanced search functionality in the "file" parameter of the "collect" script...
CVE-2013-6771
CVE-2013-6771 covers a directory traversal flaw in Splunk’s collect script prior to version 5.0.5. The vulnerability arises from insufficient sanitization of the file parameter, allowing an attacker to craft a path with .. to execute arbitrary commands. Public references note the issue as split f...