CVE-2017-11480
Packetbeat versions prior to 5.6.4 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could prevent Packetbeat from properly logging other PostgreSQL traffic.
| Software | From | Fixed in |
|---|---|---|
| elasticsearch / packetbeat | - | 5.6.4 |
github.com/elastic/beats
|
- | 5.6.4 |
|
github.com/elastic/beats
|
6.0.0-alpha1 | 6.0.0 |
- https://discuss.elastic.co/t/beats-5-6-4-security-update/106739
- https://github.com/elastic/beats/commit/aeca65779d573976981587ca1d1461399e1b59dd
- https://github.com/elastic/beats/pull/5457
- https://github.com/elastic/beats/pull/5479
- https://github.com/elastic/beats/pull/5480
- https://pkg.go.dev/vuln/GO-2022-0643
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime