Full Disclosure: Re: Splunk Vulnerability

Nmap Security Scanner
- Intro
- Ref Guide
- Install Guide
- Download
- Changelog
- Book
- Docs
Security Lists
- Nmap Hackers
- Nmap Dev
- Bugtraq
- Full Disclosure
- Pen Test
- Basics
- More
Security Tools
Site News
Advertising
About/Contact
Sponsors:

Re: Splunk Vulnerability

From: "Michael D. Wood" <mike () itsecuritypros org>
Date: Thu, 6 Sep 2012 03:50:03 -0400

I agree.  Splunk *IS* doing what it was designed to do.

 

--

Michael D. Wood

ITSecurityPros.org

www.itsecuritypros.org

 

From: JxT [mailto:jxt.lists () gmail com] 
Sent: Thursday, September 06, 2012 2:19 AM
To: Zach C.
Cc: Michael D. Wood; full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] Splunk Vulnerability

 

On Wed, Sep 5, 2012 at 11:30 PM, Zach C. <fxchip () gmail com> wrote:

1.) The tool, Splunk, is designed to index logs
2.) Logs are arbitrary files.
Therefore,
3.) Splunk is designed to index arbitrary files.

 

Agreed, Splunk is doing exactly what it's designed to do. This is not a
vulnerability within Splunk itself.

Attachment: smime.p7s
Description:

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Splunk Vulnerability Rodrigo Salvalagio (Sep 03)
- Re: Splunk Vulnerability Michael D. Wood (Sep 06)
  - Re: Splunk Vulnerability Zach C. (Sep 06)
    - Re: Splunk Vulnerability JxT (Sep 06)
    - Re: Splunk Vulnerability Michael D. Wood (Sep 06)
    - Re: Splunk Vulnerability Benji (Sep 06)
- <Possible follow-ups>
- Re: Splunk Vulnerability Michael D. Wood (Sep 06)