CVE-2008-7206

ELOG (Electronic Logbook)

ELOG Remote Buffer Overflow and Cross Site Scripting Vulnerabilities

This host has ELOG installed and is prone multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodelogmultvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ ELOG Remote Buffer Overflow and Cross Site Scripting Vulnerabilities Authors: Antu Sanadi Copyright: Copyright c 2009 SecPod,...

ELOG Version Detection

This script finds the running ELOG Version and saves the result in KB. OpenVAS Vulnerability Test $Id: secpodelogdetect.nasl 5877 2017-04-06 09:01:48Z teissa $ ELOG Version Detection Authors: Antu Sanadi Copyright: Copyright c 2009 SecPod, http://www.secpod.com This program is free software; you...

ELOG Detection (HTTP)

HTTP based detection of ELOG. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.901008";...

ELOG < 2.7.1 Multiple Vulnerabilities

ELOG is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:elogproject:elog"; ifdescription...

CVE-2008-7004

Buffer overflow in Electronic Logbook ELOG before 2.7.1 has unknown impact and attack vectors, possibly related to elog.c...

Buffer overflow

Buffer overflow in Electronic Logbook ELOG before 2.7.1 has unknown impact and attack vectors, possibly related to elog.c...

CVE-2008-7004

Buffer overflow in Electronic Logbook ELOG before 2.7.1 has unknown impact and attack vectors, possibly related to elog.c...

CVE-2008-7004

ELOG before 2.7.1 is affected by multiple vulnerabilities, including a remote buffer overflow (likely in elog.c) with CVSS-like indication of high impact. Affected product: Electronic Logbook (ELOG); vulnerable component/file: elog.c; version prior to 2.7.1. OpenVAS confirms multiple issues and l...

ELOG Web LogBook global Denial of Service

The remote web server is affected by a denial of service issue. Description : The remote web server is identified as ELOG Web Logbook, an open source blogging software. The version of ELOG Web Logbook installed on the remote host is vulnerable to a denial of service attack by requesting '/global'...

ELOG < 2.6.2-7 DoS Vulnerability

ELOG is prone to a denial of service DoS vulnerability by requesting SPDX-FileCopyrightText: 2008 Justin Seitz Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Information disclosure

The replaceinlineimg function in elogd in Electronic Logbook ELOG before 2.7.1 allows remote attackers to cause a denial of service infinite loop via crafted logbook entries. NOTE: some of these details are obtained from third party information...

Cross site scripting

Cross-site scripting XSS vulnerability in Electronic Logbook ELOG before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via subtext parameter to unspecified components...

CVE-2008-0445

The replaceinlineimg function in elogd in Electronic Logbook ELOG before 2.7.1 allows remote attackers to cause a denial of service infinite loop via crafted logbook entries. NOTE: some of these details are obtained from third party information...

CVE-2008-0445

The replaceinlineimg function in elogd in Electronic Logbook ELOG before 2.7.1 allows remote attackers to cause a denial of service infinite loop via crafted logbook entries. NOTE: some of these details are obtained from third party information...

CVE-2008-0444

CVE-2008-0444 affects Electronic Logbook (ELOG) versions before 2.7.0. The vulnerability is a Cross-site Scripting (XSS) issue that could allow remote attackers to inject arbitrary web script or HTML through the subtext parameter to unspecified components. The available connected sources confirm ...

CVE-2008-0444

Cross-site scripting XSS vulnerability in Electronic Logbook ELOG before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via subtext parameter to unspecified components...

CVE-2008-0445

Removed by vendor...

CVE-2008-0444

Removed by vendor...

Debian Security Advisory DSA 967-1 (elog)

The remote host is missing an update to elog announced via advisory DSA 967-1. Several security problems have been found in elog, an electonic logbook to manage notes. The Common Vulnerabilities and Exposures Project identifies the following problems: CVE-2005-4439 GroundZero Security discovered...