|
|
Family: Gain a shell remotely --> Category: mixed
ELOG Remote Buffer Overflow Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks for remote buffer overflow vulnerabilities in ELOG
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server is affected by remote buffer overflow flaws.
Description :
The remote host appears to be using ELOG, a web-based electronic
logbook application.
The version of ELOG installed on the remote host crashes when it
receives HTTP requests with excessive data for the 'mode' and 'cmd'
parameters. An unauthenticated attacker may be able to exploit these
issues to execute arbitrary code on the remote host subject to the
rights under which the application runs.
See also :
http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040301.html
Solution :
Unknown at this time.
Threat Level:
Low / CVSS Base Score : 3.3
(AV:R/AC:L/Au:NR/C:N/I:N/A:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
