Full Disclosure mailing list archives
SPLUNK > 6 universal forwarder cypher weakness
From: fortinet42 () mac hush com
Date: Sun, 10 Nov 2013 09:07:37 +0100
Hiho List, SPLUNK > 6 might have some issues under the hood. Issue #1 We have discovered the issue within a Pen-Test. Tested. 5.0.3, 5.0.4, 6 OS: Linux SOLARIS Windows OS X BSD - the Open one (...) Issue #2 Have a quick look what is in the tar-ball Seen Django. IMHO several CVE's might be a reason to update the package. Mitigation/Workarounds: Issue #1 http://answers.splunk.com/answers/90990/allow-only-a-specified-ssl-cipher-in-the-splunk-forwarder Issue #2 Check Out the latest Django release. Overwrite the /Django Binaries at the SPLUNK > Folder. Timeline. Issue #1 Contacted SPLUNK > Security at Summertime Sadeness 2 Weeks later - and Licensing stuff more later, and phone Calls later - we received the KB. Issue #2 Hmmm. Version 6. If you might upgrade the universal FW - welcome back to Issue # 1. Thriller - Baby. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- SPLUNK > 6 universal forwarder cypher weakness fortinet42 (Nov 10)