elasticsearch vulnerability helping cause Denial of Service attacks

securelist has the story

elasticsearch is an open source Cloud software running on a lot of   cloud companies. As it is a search and analytics engine.

 

But apparently it has a vulnerability which hackers are abusing.

 including a bot implementing some extraordinary DNS amplification DDoS functionality. Operators of these bots are currently active, and we observe new variants of the trojan building bigger botnets.”  from the Securelist article.

And apparently the Elasticsearch open source drivers are on summer holiday for another 3 weeks at least.

 

The culprit may be that the cloud companies are not upgrading to the latest elasticsearch (released before the holiday). 1.3.1 today 7/28/2014.

 

So this may be a Zero-day-cloud event   Cloud companies need to upgrade to the latest elasticsearch .

Now !!

Advertisements