ELOG < 2.6.2 Multiple Vulnerabilities

ID 3379.PRM
Type nessus
Reporter Tenable
Modified 2019-03-06T00:00:00


The remote host appears to be using ELOG, a web-based electronic logbook application. The version of ELOG installed on the remote host fails to filter directory traversal strings before processing GET requests. An attacker can exploit this issue to retrieve the contents of arbitrary files from the remote host, subject to the privileges under which ELOG runs. In addition, the application is reportedly affected by a format string vulnerability in the 'write_logfile'. Provided logging is enabled, an attacker may be able to exploit this via the 'uname' parameter of the login form to crash the application or execute arbitrary code remotely.

                                            Binary data 3379.prm