Beats 5.6.4 security update


(Josh Bressers) #1

Packetbeat denial of service (ESA-2017-21)

Packetbeat versions prior to 5.6.4 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could prevent Packetbeat from properly logging other PostgreSQL traffic.

Affected Versions: All prior to 5.6.4

Solutions and Mitigations:
Users should upgrade to Packetbeat version 5.6.4. This issue can be avoided by disabling the PostgreSQL protocol.

Credit: Thanks to Teppei Fukuda for reporting this issue.

CVE ID: CVE-2017-11480