English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.106267
Category:Web application abuses
Title:Splunk Light Multiple Vulnerabilities
Summary:Splunk Light is prone to multiple vulnerabilities.
Description:Summary:
Splunk Light is prone to multiple vulnerabilities.

Vulnerability Insight:
Splunk Light is affected by multiple vulnerabilities:

Multiple OpenSSL vulnerabilities (CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109,
CVE-2016-2176).

Multiple vulnerabilities in libarchive (CVE-2016-1541, CVE-2015-2304, CVE-2013-0211).

Open redirect vulnerability (CVE-2016-4857).

Cross-site scripting vulnerability (CVE-2016-4858).

Affected Software/OS:
Splunk Light before 6.4.2

Solution:
Update to version 6.4.2 or later.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-2105
http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
BugTraq ID: 89757
http://www.securityfocus.com/bid/89757
BugTraq ID: 91787
http://www.securityfocus.com/bid/91787
Cisco Security Advisory: 20160504 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl
Debian Security Information: DSA-3566 (Google Search)
http://www.debian.org/security/2016/dsa-3566
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html
FreeBSD Security Advisory: FreeBSD-SA-16:23
https://www.freebsd.org/security/advisories/FreeBSD-SA-16:17.openssl.asc
https://security.gentoo.org/glsa/201612-16
http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html
RedHat Security Advisories: RHSA-2016:0722
http://rhn.redhat.com/errata/RHSA-2016-0722.html
RedHat Security Advisories: RHSA-2016:0996
http://rhn.redhat.com/errata/RHSA-2016-0996.html
RedHat Security Advisories: RHSA-2016:1648
http://rhn.redhat.com/errata/RHSA-2016-1648.html
RedHat Security Advisories: RHSA-2016:1649
http://rhn.redhat.com/errata/RHSA-2016-1649.html
RedHat Security Advisories: RHSA-2016:1650
http://rhn.redhat.com/errata/RHSA-2016-1650.html
RedHat Security Advisories: RHSA-2016:2056
http://rhn.redhat.com/errata/RHSA-2016-2056.html
RedHat Security Advisories: RHSA-2016:2073
http://rhn.redhat.com/errata/RHSA-2016-2073.html
RedHat Security Advisories: RHSA-2016:2957
http://rhn.redhat.com/errata/RHSA-2016-2957.html
http://www.securitytracker.com/id/1035721
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103
SuSE Security Announcement: SUSE-SU-2016:1206 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html
SuSE Security Announcement: SUSE-SU-2016:1228 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.html
SuSE Security Announcement: SUSE-SU-2016:1231 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.html
SuSE Security Announcement: SUSE-SU-2016:1233 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.html
SuSE Security Announcement: SUSE-SU-2016:1267 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html
SuSE Security Announcement: SUSE-SU-2016:1290 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html
SuSE Security Announcement: SUSE-SU-2016:1360 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html
SuSE Security Announcement: openSUSE-SU-2016:1237 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.html
SuSE Security Announcement: openSUSE-SU-2016:1238 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.html
SuSE Security Announcement: openSUSE-SU-2016:1239 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html
SuSE Security Announcement: openSUSE-SU-2016:1240 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.html
SuSE Security Announcement: openSUSE-SU-2016:1241 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html
SuSE Security Announcement: openSUSE-SU-2016:1242 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html
SuSE Security Announcement: openSUSE-SU-2016:1243 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.html
SuSE Security Announcement: openSUSE-SU-2016:1273 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html
SuSE Security Announcement: openSUSE-SU-2016:1566 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html
http://www.ubuntu.com/usn/USN-2959-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-2106
BugTraq ID: 89744
http://www.securityfocus.com/bid/89744
Common Vulnerability Exposure (CVE) ID: CVE-2016-2107
BugTraq ID: 89760
http://www.securityfocus.com/bid/89760
https://www.exploit-db.com/exploits/39768/
http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html
https://blog.cloudflare.com/yet-another-padding-oracle-in-openssl-cbc-ciphersuites/
Common Vulnerability Exposure (CVE) ID: CVE-2016-2108
BugTraq ID: 89752
http://www.securityfocus.com/bid/89752
RedHat Security Advisories: RHSA-2016:1137
https://access.redhat.com/errata/RHSA-2016:1137
RedHat Security Advisories: RHSA-2017:0193
https://access.redhat.com/errata/RHSA-2017:0193
RedHat Security Advisories: RHSA-2017:0194
https://access.redhat.com/errata/RHSA-2017:0194
Common Vulnerability Exposure (CVE) ID: CVE-2016-2109
BugTraq ID: 87940
http://www.securityfocus.com/bid/87940
Common Vulnerability Exposure (CVE) ID: CVE-2016-2176
BugTraq ID: 89746
http://www.securityfocus.com/bid/89746
Common Vulnerability Exposure (CVE) ID: CVE-2016-1541
BugTraq ID: 89355
http://www.securityfocus.com/bid/89355
CERT/CC vulnerability note: VU#862384
http://www.kb.cert.org/vuls/id/862384
Debian Security Information: DSA-3574 (Google Search)
http://www.debian.org/security/2016/dsa-3574
https://security.gentoo.org/glsa/201701-03
RedHat Security Advisories: RHSA-2016:1844
http://rhn.redhat.com/errata/RHSA-2016-1844.html
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.352685
SuSE Security Announcement: openSUSE-SU-2016:1463 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-06/msg00003.html
SuSE Security Announcement: openSUSE-SU-2016:1663 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-06/msg00090.html
http://www.ubuntu.com/usn/USN-2981-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-2304
Debian Security Information: DSA-3180 (Google Search)
http://www.debian.org/security/2015/dsa-3180
https://www.freebsd.org/security/advisories/FreeBSD-SA-16:22.libarchive.asc
http://www.mandriva.com/security/advisories?name=MDVSA-2015:157
http://www.openwall.com/lists/oss-security/2015/01/07/5
http://www.openwall.com/lists/oss-security/2015/01/16/7
http://www.securitytracker.com/id/1035996
SuSE Security Announcement: openSUSE-SU-2015:0568 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-03/msg00065.html
http://www.ubuntu.com/usn/USN-2549-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-0211
BugTraq ID: 58926
http://www.securityfocus.com/bid/58926
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101876.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101872.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101700.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101687.html
https://www.freebsd.org/security/advisories/FreeBSD-SA-16:23.libarchive.asc
http://www.mandriva.com/security/advisories?name=MDVSA-2013:147
http://www.securitytracker.com/id/1035995
Common Vulnerability Exposure (CVE) ID: CVE-2016-4858
https://jvn.jp/en/jp/JVN71462075/index.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-4857
https://jvn.jp/en/jp/JVN39926655/index.html
CopyrightCopyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.