Packetbeat versions prior to 5.6.4 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could prevent Packetbeat from properly logging other PostgreSQL traffic.
References
Link | Resource |
---|---|
https://discuss.elastic.co/t/beats-5-6-4-security-update/106739 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: elastic
Published: 2017-12-08T18:00:00
Updated: 2017-12-08T17:57:01
Reserved: 2017-07-20T00:00:00
Link: CVE-2017-11480
JSON object: View
NVD Information
Status : Modified
Published: 2017-12-08T18:29:00.210
Modified: 2019-10-09T23:22:07.557
Link: CVE-2017-11480
JSON object: View
Redhat Information
No data.