| Field | Value |
|---|---|
| VID | 22390 |
| Severity | 40 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |
| Detailed Description | Multiple vulnerabilities affect the ELOG server in versions prior to 2.6.1. ELOG (Electronic Web Logbook) is a freely available logbook application with a Web interface. ELOG versions prior to 2.6.1 contain a format string vulnerability in the write_logfile() function of elogd.c. A remote attacker could exploit this vulnerability via the 'uname' parameter of the login form to execute arbitrary code on the affected host. In addition to this flaw, a remote attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to traverse directories and read arbitrary files outside the web root directory with the privileges of the Web service. |
| References | http://midas.psi.ch/elogs/Forum/1608 ; http://secunia.com/advisories/18533/ |
| Platforms Affected | ELOG versions prior to 2.6.1; Linux, any version; Unix, any version |
| Recommendation | Upgrade to the latest version of ELOG (2.6.1 or later), available from the ELOG Download Web page at http://midas.psi.ch/elog/download.html |
| Related URL | CVE-2006-0347, CVE-2006-0348 (CVE) |
| Related URL | 16315 (SecurityFocus) |
| Related URL | 24221, 24224 (ISS) |