elasticsearch -- remote code execution via transport protocol
Vulnerability Summary: Elasticsearch versions prior to 1.6.1 are
vulnerable to an attack that can result in remote code execution.
Remediation Summary: Users should upgrade to 1.6.1 or 1.7.0.
Alternately, ensure that only trusted applications have access to
the transport protocol port.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright