CVE ID: CVE-2011-4642
Description: mappy.py in Splunk Web in Splunk 4.2.x before 4.2.5 does not properly restrict use of the mappy command to access Python classes, which allows remote authenticated administrators to execute arbitrary code by leveraging the sys module in a request to the search application, as demonstrated by a cross-site request forgery (CSRF) attack, aka SPL-45172.
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2011-4642
http://www.exploit-db.com/exploits/18245/
http://www.sec-1.com/blog/?p=233
http://www.sec-1.com/blog/wp-content/uploads/2011/12/Attacking_Splunk_Release.pdf
http://www.securitytracker.com/id?1026451
http://secunia.com/advisories/47232




© 1998-2025 E-Soft Inc. All rights reserved.