• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

ELOG Web Logbook Multiple Remote Vulnerabilities

ELOG is reported prone to multiple remote vulnerabilities. These issues may allow an attacker to disclose sensitive information and potentially execute arbitrary code on a vulnerable computer.

The following specific issues were identified:

The application is reported prone to an unspecified buffer overflow vulnerability. The vendor has reported that this vulnerability is exploitable and allows attackers to gain unauthorized access to a vulnerable computer.

Another vulnerability affecting the application can allow remote attackers to obtain sensitive information such as authentication credentials stored in an unspecified configuration file.

ELOG 2.5.0 and prior versions are affected by these vulnerabilities.