Vulners
Lucene search
Splunk 4.3.x Denial Of Service
| Reporter | Title | Published | Views | Family All 196 |
|---|---|---|---|---|
 | Low: python26 | 5 Jul 201200:00 | – | amazon |
 | Amazon Linux AMI : python26 (ALAS-2012-98) | 4 Sep 201300:00 | – | nessus |
| CentOS 6 : python (CESA-2012:0744) | 20 Jun 201200:00 | – | nessus |
| CentOS 5 : python (CESA-2012:0745) | 19 Jun 201200:00 | – | nessus |
| Fedora 17 : python3-3.2.3-5.fc17 (2012-5785) (BEAST) | 7 May 201200:00 | – | nessus |
| Fedora 17 : python-2.7.3-3.fc17 / python-docs-2.7.3-1.fc17 (2012-5892) (BEAST) | 2 May 201200:00 | – | nessus |
| Fedora 15 : python3-3.2.3-1.fc15 (2012-5916) (BEAST) | 4 May 201200:00 | – | nessus |
| Fedora 16 : python-2.7.3-1.fc16 / python-docs-2.7.3-1.fc16 (2012-5924) (BEAST) | 7 May 201200:00 | – | nessus |
| Fedora 16 : python3-3.2.3-2.fc16 (2012-9135) (BEAST) | 20 Jun 201200:00 | – | nessus |
| GLSA-201401-04 : Python: Multiple vulnerabilities | 7 Jan 201400:00 | – | nessus |
10
________________________________________________________________________
Vendors: Splunk Inc., http://www.splunk.com
Product: Splunk 4.3.x (+ possibly earlier versions)
Vulnerability: Unauth. remote denial of service against splunkweb
Tracking IDs: CVE-2012-1150
SPL-53249
___________________________________________________________________________
Vendor communication:
2012/09/03 Reported the issue via Splunk's website
2012/09/04 Splunk responds and assigns tracking ID, plans fix for 5.0.
Replacing the Python version in a maintenance release
(4.3.x)
was considered too risky.
2012/10/25 Splunk informs us that 5.0 will be available on November 1st.
2012/10/29 Splunk 5.0 is released.
___________________________________________________________________________
Overview:
Splunkweb uses Python 2.7.2, which suffers from a vulnerability which allows
an
attacker to produce hash collisions for the hash table string hashing
function.
This leads to an O(n^2) complexity when inserting n keys (see
http://bugs.python.org/issue13703).
Description:
An attacker can abuse this vulnerability by sending a POST request to
Splunkweb
(for example to the login form endpoint) with colliding keys. Even a
moderate
amount of POST data leads to a 100% CPU usage for the splunkweb process.
Impact:
Denial of service (CPU exhaustion) against the Splunk server.
Fixes:
This issue has been fixed in Splunk 5.0 by updating the Python version
to 2.7.3 and enabling hash randomization.
________________________________________________________________________
Credits:
Alexander Klink, n.runs AG (discovery)
________________________________________________________________________
References:
This advisory and upcoming advisories:
http://www.nruns.com/security_advisory.php
________________________________________________________________________
# 0day.today [2018-04-03] #Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
02 Nov 2012 00:00Current
6.9Medium risk
Vulners AI Score6.9
EPSS0.01741