Vigil@nce - Splunk: code execution via Test Script
October 2013 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An authenticated attacker can use Splunk test scripts to execute
shell commands on the server.
Impacted products: Splunk
Severity: 2/4
Creation date: 24/09/2013
DESCRIPTION OF THE VULNERABILITY
Splunk ships with scripts used to troubleshoot alert tools.
However, these scripts can be used to create another script
containing arbitrary commands.
An authenticated attacker can therefore use Splunk test scripts
to execute shell commands on the server.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Splunk-code-execution-via-Test-Script-13470