
Does Shellshock impact Splunk Enterprise 5.0.4?

Path Finder

Hi,
I would like to check whether Shellshock affects the older version Splunk 5.0.4. Is there any document stating that it does not impact this version? Thanks.

0 Karma
1 Solution

Motivator

Splunk Employee

To answer your versioning question, there is no meaningful difference between 5.0.4 and 5.0.9, which MarioM links, in regard to Shellshock. Shellshock is a bash vulnerability with a broad attack surface, for which the correct thing to do is to update bash.

For the security conscious user, I would strongly encourage following the current maintenance release of whatever line of product they choose to deploy.

Motivator

Path Finder

Hi,
I thought I read an article saying that 5.0.4 is not vulnerable to Heartbleed. Can you assist by providing the article stating that 5.0.4 is vulnerable to Heartbleed? Thanks.

0 Karma

Splunk Employee

We did not update 5.0.4 in regard to Heartbleed. However, since older versions of OpenSSL were not affected by this particular bug, 5.0.x versions were not affected by this particular bug either.

In general, however, 5.0.4 lacks many updates to many other components. I would not select a significantly antiquated release for the security-conscious, which was gkanapathy's point.

0 Karma

Splunk Employee

5.0.4 is not a current maintenance release, and will certainly have vulnerabilities that are not in the current 5.0.x maintenance release. For example, 5.0.4 is still vulnerable to Heartbleed.