Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT Security Bulletin
ASB-2015.0111
Splunk Enterprise 6.2.7 addresses one vulnerability
26 November 2015
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Splunk Enterprise
Operating System: UNIX variants (UNIX, Linux, OSX)
Windows
Impact/Access: Denial of Service -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2015-1609
Member content until: Saturday, December 26 2015
OVERVIEW
A vulnerability has been identified in Splunk Enterprise prior to
version 6.2.7.
IMPACT
The vendor has provided the following information about the
vulnerability (CVE-2015-1609):
"Splunk Enterprise 6.2.x before 6.2.7 permit an unauthenticated
attacker to crash the KV Store with specifically crafted data." [1]
MITIGATION
The vendor recommends updating to Splunk Enterprise 6.2.7 as well as
following Splunk hardening guidelines. [1]
REFERENCES
[1] Splunk Enterprise 6.2.7 addresses one vulnerability
http://www.splunk.com/view/SP-CAAAPC3
AusCERT has made every effort to ensure that the information contained
in this document is accurate. However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBVlakbH6ZAP0PgtI9AQKiuw/+ItvyFl3D0VH+Ih5lCwAXIjkblHmnt3s7
Syc4orQHmgZVR1W0RhFjwJjWXyHXkkVwvbK+og2ZqG1lmbIM1FPDnKNQUtGT5QCn
fFwJeubFqyMqmslXneCpo6s2Owny7VEKuQM61pUCQ3xTvZwtKgEbITxlKN2Rbcfv
DT1aAIQzoFYe2ci8JdNXeJqRZsg3DB0nV8SRDkT9Lb/rSBhzY/VjYqypBOsZPzVQ
MaRRAqL+68+JdFXfG5s67Oe3qPEB+70ub2fKmFJAVu07kCN1+DFnnFHoyyqqIVSo
6Gfux7yCCx28AOoFEni9sZURC5IrLY/4+Ft0fJL3t5bpVRL0ktNcUrPIcG3W+M9u
C6XVsgI/7r+kwSLcS1W6bxnDvPe1ISBBwJAotz8sulBh5eALC61PwH8lgAZNMihY
garVCR+KmbFWgLFbS8IqZyQ8jC6msrjnG3WfmhqFDjEVctTwPWaQ5YCay8RPmKUr
5oYVWw+i8RWmzRgSHnL+jeEZhatMFKDvlH2zrCjFTTW3J2PywRhre0zoGuTb05d+
gMIZ+6ELl9DEudTd/QHpwQCj7Dw9eTqc2JzZQrvrk+0sMuYo7DzYoTfr8EIttsoD
HPxsDdkktOyuLPb8kP8AooWWSilJH5uiENTN/AedVn9E0sC8hLC5b2BHaIhp4RKO
lIC/1rnXrVQ=
=KIyH
-----END PGP SIGNATURE-----