lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <20131110080737.4DA756017B@smtp.hushmail.com> Date: Sun, 10 Nov 2013 09:07:37 +0100 From: fortinet42@....hush.com To: full-disclosure@...ts.grok.org.uk Subject: SPLUNK > 6 universal forwarder cypher weakness Hiho List, SPLUNK > 6 might have some issues under the hood. Issue #1 We have discovered the issue within a Pen-Test. Tested. 5.0.3, 5.0.4, 6 OS: Linux SOLARIS Windows OS X BSD - the Open one (...) Issue #2 Have a quick look what is in the tar-ball Seen Django. IMHO several CVE's might be a reason to update the package. Mitigation/Workarounds: Issue #1 http://answers.splunk.com/answers/90990/allow-only-a-specified-ssl-cipher-in-the-splunk-forwarder Issue #2 Check Out the latest Django release. Overwrite the /Django Binaries at the SPLUNK > Folder. Timeline. Issue #1 Contacted SPLUNK > Security at Summertime Sadeness 2 Weeks later - and Licensing stuff more later, and phone Calls later - we received the KB. Issue #2 Hmmm. Version 6. If you might upgrade the universal FW - welcome back to Issue # 1. Thriller - Baby. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists