242 matches found
CVE-2006-0597
Removed by vendor...
CVE-2006-0599
Removed by vendor...
CVE-2006-0600
Removed by vendor...
[SECURITY] [DSA 967-1] New elog packages fix arbitrary code execution
Debian Security Advisory DSA 967-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 10th, 2006 http://www.debian.org/security/faq ...
DSA-967-1 elog - several
Bulletin has no description...
Format string
Format string vulnerability in the writelogfile function in ELOG before 2.6.1 allows remote attackers to cause a denial of service (server crash) via unknown attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Directory traversal
Directory traversal vulnerability in ELOG before 2.6.1 allows remote attackers to access arbitrary files outside of the elog directory via "../" (dot dot) sequences in the URL...
CVE-2006-0348
Format string vulnerability in the writelogfile function in ELOG before 2.6.1 allows remote attackers to cause a denial of service (server crash) via unknown attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-0347
Directory traversal vulnerability in ELOG before 2.6.1 allows remote attackers to access arbitrary files outside of the elog directory via "../" (dot dot) sequences in the URL...
CVE-2006-0348
CVE-2006-0348 affects the ELOG electronic logbook. The vulnerability resides in the write_logfile function as a format string flaw in versions before 2.6.1, which could allow a remote attacker to execute arbitrary code and crash the server. Debian/DSA-967-1 documents fixes to 2.6.1+r1642-1; other...
CVE-2006-0347
The CVE-2006-0347 entry describes a directory traversal vulnerability in elog prior to version 2.6.1, allowing remote attackers to access arbitrary files outside the elog directory via ../ sequences in the URL, causing information disclosure. Debian security advisories (DSA-967-1) indicate fixes ...
CVE-2006-0348
Format string vulnerability in the writelogfile function in ELOG before 2.6.1 allows remote attackers to cause a denial of service (server crash) via unknown attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-0347
Directory traversal vulnerability in ELOG before 2.6.1 allows remote attackers to access arbitrary files outside of the elog directory via "../" (dot dot) sequences in the URL...
CVE-2006-0347
Removed by vendor...
CVE-2006-0348
Removed by vendor...
ELOG < 2.6.1 Multiple Remote Vulnerabilities (Traversal, FS)
The remote host appears to be using ELOG, a web-based electronic logbook application. The version of ELOG installed on the remote host fails to filter directory traversal strings before processing GET requests. An attacker can exploit this issue to retrieve the contents of arbitrary files from th...
ELOG < 2.6.2 Multiple Vulnerabilities
Binary data 3379.prm...
[SA18533] ELOG Format String and Directory Traversal Vulnerabilities
TITLE: ELOG Format String and Directory Traversal Vulnerabilities SECUNIA ADVISORY ID: SA18533 VERIFY ADVISORY: http://secunia.com/advisories/18533/ CRITICAL: Highly critical IMPACT: Security Bypass, DoS, System access WHERE: From remote SOFTWARE: ELOG 2.x http://secunia.com/product/4657/...
CVE-2005-4439
Buffer overflow in ELOG elogd 2.6.0-beta4 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a URL with a long (1) cmd or (2) mode parameter...