FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

logstash -- Directory traversal vulnerability in the file output plugin

Affected packages
logstash < 1.4.3

Details

VuXML ID 24bde04f-1a10-11e5-b43d-002590263bf5
Discovery 2015-06-09
Entry 2015-06-24

Elastic reports:

An attacker could use the File output plugin with dynamic field references in the path option to traverse paths outside of the Logstash directory. This technique could also be used to overwrite any files which can be accessed with the permissions associated with the Logstash user. This release sandboxes the paths which can be traversed using the configuration. We have also disallowed use of dynamic field references if the path option is pointing to an absolute path.

We have added this vulnerability to our CVE page and are working on filling out the CVE. We would like to thank Colin Coghill for reporting the issue and working with us on the resolution.

References

CVE Name CVE-2015-4152
URL https://www.elastic.co/blog/logstash-1-4-3-released
URL https://www.elastic.co/community/security