CVE-2011-4644 Information

Description

Splunk 4.2.5 and earlier when a Free license is selected enables potentially undesirable functionality within an environment that intentionally does not support authentication which allows remote attackers to (1) read arbitrary files via a management-console session that leverages the ability to create crafted data sources or (2) execute management commands via an HTTP request.

Reference

http://www.exploit-db.com/exploits/18245/ http://www.sec-1.com/blog/?p=233 http://www.sec-1.com/blog/wp-content/uploads/2011/12/Attacking_Splunk_Release.pdf