FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

elasticsearch -- remote OS command execution via Groovy scripting engine

Affected packages
1.3.0 <= elasticsearch < 1.3.8
1.4.0 <= elasticsearch < 1.4.3

Details

VuXML ID 026759e0-1ba3-11e5-b43d-002590263bf5
Discovery 2015-02-11
Entry 2015-06-26

Elastic reports:

Vulnerability Summary: Elasticsearch versions 1.3.0-1.3.7 and 1.4.0-1.4.2 have vulnerabilities in the Groovy scripting engine that were introduced in 1.3.0. The vulnerability allows an attacker to construct Groovy scripts that escape the sandbox and execute shell commands as the user running the Elasticsearch Java VM.

Remediation Summary: Users should upgrade to 1.3.8 or 1.4.3. Users that do not want to upgrade can address the vulnerability by setting script.groovy.sandbox.enabled to false in elasticsearch.yml and restarting the node.
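
The affected ranges and the configuration workaround above, turned into a host check. This is an added example, not code from Elastic or the FreeBSD project; it assumes the setting appears as a flat key in elasticsearch.yml (a nested YAML form is conservatively reported as not mitigated), and the sample versions and config text are constructed.

```python
import re

# Affected ranges from this entry: lower bound inclusive, upper bound exclusive.
AFFECTED = [((1, 3, 0), (1, 3, 8)), ((1, 4, 0), (1, 4, 3))]
SETTING = "script.groovy.sandbox.enabled"

def parse_version(text):
    """Turn '1.4.2' (or a package version such as '1.4.2_1') into (1, 4, 2)."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError("unrecognised version: %r" % text)
    return tuple(int(part) for part in m.groups())

def is_affected(version):
    v = parse_version(version)
    return any(lo <= v < hi for lo, hi in AFFECTED)

def sandbox_disabled(yml_text):
    """True only if the key is present, uncommented, and every occurrence is false."""
    values = []
    for line in yml_text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments
        m = re.match(re.escape(SETTING) + r"\s*:\s*(\S+)$", line)
        if m:
            values.append(m.group(1).strip("'\"").lower())
    return bool(values) and all(v == "false" for v in values)

def assess(version, yml_text):
    if not is_affected(version):
        return "not affected"
    if sandbox_disabled(yml_text):
        # The file alone cannot show that the node was restarted afterwards.
        return "affected, workaround configured"
    return "affected, no workaround"

if __name__ == "__main__":
    # Constructed sample inputs.
    sample_yml = "cluster.name: demo\n" + SETTING + ": false  # workaround\n"
    for ver in ("1.2.4", "1.3.7", "1.3.8", "1.4.2_1", "1.4.3"):
        print(ver, "->", assess(ver, sample_yml))
    print("1.4.2 with empty config ->", assess("1.4.2", ""))
```

A "workaround configured" result only reflects the file on disk; the setting takes effect after the node restart the remediation text calls for.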

References

Bugtraq ID 72585
CVE Name CVE-2015-1427
URL http://www.securityfocus.com/archive/1/archive/1/534689/100/0/threaded
URL https://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html
URL https://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html
URL https://www.elastic.co/blog/elasticsearch-1-4-3-and-1-3-8-released
URL https://www.elastic.co/community/security