29 matches found
CVE-2016-10362
Prior to Logstash version 5.0.1, Elasticsearch Output plugin when updating connections after sniffing, would log to file HTTP basic auth credentials...
Logstash Logs Sensitive Information
Logstash prior to version 2.3.4, Elasticsearch Output plugin would log to file HTTP authorization headers which could contain sensitive information...
Elastic Logstash 'CVE-2015-4152' Directory Traversal Vulnerability - Linux
Elastic Logstash is prone to a directory traversal vulnerability. This VT has been deprecated and merged into the VT VT SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Logstash Logs Sensitive Information
Prior to Logstash version 5.0.1, Elasticsearch Output plugin when updating connections after sniffing, would log to file HTTP basic auth credentials...
Elasticsearch Logstash File Output Plugin Directory Traversal Vulnerability
Elasticsearch Logstash is a set of log analysis and monitoring tools. The tool provides features such as search, processing and management of logs or events. A directory traversal vulnerability in the file output plugin for Elasticsearch Logstash allows remote attackers to write arbitrary files t...
CVE-2015-4152
Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references in the path option...
Logstash vulnerability CVE-2015-4152
Summary: Logstash versions 1.4.2 and prior are vulnerable to a directory traversal attack that allows an attacker to over-write files on the server running Logstash. This vulnerability is not present in the initial installation of Logstash. The vulnerability is exposed when the file output plugin...
Logstash 1.4.2 Directory Traversal Vulnerability
Logstash versions 1.4.2 and prior are vulnerable to a directory traversal attack that allows an attacker to overwrite files on the server running Logstash. Summary: Logstash versions 1.4.2 and prior are vulnerable to a directory traversal attack that allows an attacker to over-write files on the...
html_file
This plugin writes the framework messages to an HTML report file. Two configurable parameters exist: outputfile verbose If you want to write every HTTP request/response to a text file, you should use the textfile plugin. Plugin type Output Options Name | Type | Default Value | Description | Help...