ELOG < 2.5.7 Unspecified Remote Buffer Overflows

High Nessus Network Monitor Plugin ID 2618

Synopsis

The remote host is vulnerable to multiple remote buffer overflows.

Description

The remote server is running ELOG, an open source logbook web application. This version of ELOG is reported to be prone to multiple remote overflows. An attacker exploiting these alleged flaws would be able to execute code on the remote webserver.

Solution

Upgrade to ELOG 2.5.7 or higher.

See Also

http://midas.psi.ch/elogs/Forum/941

http://midas.psi.ch/elog

Plugin Details

Severity: High

ID: 2618

File Name: 2618.prm

Family: CGI

Published: 2005/02/15

Modified: 2016/01/15

Dependencies: 1442

Nessus ID: 16469

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Reference Information

CVE: CVE-2005-0440, CVE-2005-0439

BID: 12556, 12639, 12640

OSVDB: 13812, 13813