[email protected]CVE-2005-0440

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-0440

2005-05-0204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-0440

elog

authentication bypass

configuration file

sensitive information

remote attack

7.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.8%

JSON

ELOG before 2.5.7 allows remote attackers to bypass authentication and download a configuration file that contains a sensitive write password via a modified URL.

CPENameOperatorVersion
stefan_ritt:elog_web_logbookstefan ritt elog web logbookeq2.1.0
stefan_ritt:elog_web_logbookstefan ritt elog web logbookeq2.0.2
stefan_ritt:elog_web_logbookstefan ritt elog web logbookeq2.2.1
stefan_ritt:elog_web_logbookstefan ritt elog web logbookeq2.5
stefan_ritt:elog_web_logbookstefan ritt elog web logbookeq2.2.0
stefan_ritt:elog_web_logbookstefan ritt elog web logbookeq2.2.4
stefan_ritt:elog_web_logbookstefan ritt elog web logbookeq2.5.6
stefan_ritt:elog_web_logbookstefan ritt elog web logbookeq2.2.3
stefan_ritt:elog_web_logbookstefan ritt elog web logbookeq2.4
stefan_ritt:elog_web_logbookstefan ritt elog web logbookeq2.1.2

CPE	Name	Operator	Version
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	eq	2.1.0
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	eq	2.0.2
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	eq	2.2.1
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	eq	2.5
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	eq	2.2.0
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	eq	2.2.4
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	eq	2.5.6
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	eq	2.2.3
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	eq	2.4
stefan_ritt:elog_web_logbook	stefan ritt elog web logbook	eq	2.1.2

Rows per page:

1-10 of 181

References

midas.psi.ch/elogs/Forum/941

sourceforge.net/project/shownotes.php?group_id=40505&release_id=304880

www.securityfocus.com/bid/12556

7.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.8%

JSON

Related for CVE-2005-0440

debiancve1 ubuntucve1 cvelist1 nessus1