ELOG Web Logbook Multiple Remote Unspecified Vulnerabilities
BID:12640
Info
ELOG Web Logbook Multiple Remote Unspecified Vulnerabilities
| Bugtraq ID: | 12640 |
| Class: | Unknown |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 23 2005 12:00AM |
| Updated: | Feb 23 2005 12:00AM |
| Credit: | Discovery of these vulnerabilities is credited to nrktx. |
| Vulnerable: |
Elog Web Logbook Elog Web Logbook 2.5.6 Elog Web Logbook Elog Web Logbook 2.5 Elog Web Logbook Elog Web Logbook 2.4 Elog Web Logbook Elog Web Logbook 2.2.4 Elog Web Logbook Elog Web Logbook 2.2.3 Elog Web Logbook Elog Web Logbook 2.2.2 Elog Web Logbook Elog Web Logbook 2.2.1 Elog Web Logbook Elog Web Logbook 2.2 .0 Elog Web Logbook Elog Web Logbook 2.1.3 Elog Web Logbook Elog Web Logbook 2.1.2 Elog Web Logbook Elog Web Logbook 2.1.1 Elog Web Logbook Elog Web Logbook 2.1 .0 Elog Web Logbook Elog Web Logbook 2.0.5 Elog Web Logbook Elog Web Logbook 2.0.4 Elog Web Logbook Elog Web Logbook 2.0.3 Elog Web Logbook Elog Web Logbook 2.0.2 Elog Web Logbook Elog Web Logbook 2.0.1 Elog Web Logbook Elog Web Logbook 2.0 .0 |
| Not Vulnerable: | |
Discussion
ELOG Web Logbook Multiple Remote Unspecified Vulnerabilities
ELOG Web Logbook is reported prone to multiple vulnerabilities. The following individual issues are reported:
ELOG Web Logbook is reported prone to two remote heap-based buffer overflow vulnerabilities. It is reported that the overflows may be leveraged remotely to have arbitrary code executed in the context of the affected daemon.
A directory traversal vulnerability is also reported to affect ELOG Web Logbook; again, the details of this issue are not specified. It is conjectured that this issue may be exploited by a remote attacker to disclose sensitive information.
These vulnerabilities are reported to exist in ELOG versions up to and including version 2.5.6. Other versions might also be affected.
ELOG Web Logbook is reported prone to multiple vulnerabilities. The following individual issues are reported:
ELOG Web Logbook is reported prone to two remote heap-based buffer overflow vulnerabilities. It is reported that the overflows may be leveraged remotely to have arbitrary code executed in the context of the affected daemon.
A directory traversal vulnerability is also reported to affect ELOG Web Logbook; again, the details of this issue are not specified. It is conjectured that this issue may be exploited by a remote attacker to disclose sensitive information.
These vulnerabilities are reported to exist in ELOG versions up to and including version 2.5.6. Other versions might also be affected.
Exploit / POC
ELOG Web Logbook Multiple Remote Unspecified Vulnerabilities
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
ELOG Web Logbook Multiple Remote Unspecified Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
ELOG Web Logbook Multiple Remote Unspecified Vulnerabilities
References:
References:
- Elog Web Logbook Homepage (Elog Web Logbook)