Test Kennung:	1.3.6.1.4.1.25623.1.0.901009
Kategorie:	Buffer overflow
Titel:	ELOG Remote Buffer Overflow and Cross Site Scripting Vulnerabilities
Zusammenfassung:	ELOG is prone to multiple vulnerabilities.
Beschreibung:	Summary: ELOG is prone to multiple vulnerabilities. Vulnerability Insight: The flaws are due to: - A buffer overflow error in 'elog.c' when processing malformed data. - An infinite loop in the 'replace_inline_img()' [elogd.c] function. - An input validation error when handling the 'subtext' parameter. Vulnerability Impact: Successful exploitation will allow attackers to execute arbitrary scripting code, cause a denial of service or compromise a vulnerable system. Affected Software/OS: ELOG versions prior to 2.7.1. Solution: Upgrade ELOG Version to 2.7.1. Please see the references for more info. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-7004 http://www.osvdb.org/41684 http://www.vupen.com/english/advisories/2008/0265 XForce ISS Database: elog-elogc-bo(39903) https://exchange.xforce.ibmcloud.com/vulnerabilities/39903 Common Vulnerability Exposure (CVE) ID: CVE-2008-0444 BugTraq ID: 27399 http://www.securityfocus.com/bid/27399 http://osvdb.org/41681 http://secunia.com/advisories/28589 XForce ISS Database: elog-subtext-xss(39828) https://exchange.xforce.ibmcloud.com/vulnerabilities/39828 Common Vulnerability Exposure (CVE) ID: CVE-2008-0445 XForce ISS Database: elog-elogd-logbook-dos(39824) https://exchange.xforce.ibmcloud.com/vulnerabilities/39824
Copyright	Copyright (C) 2009 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.