elogd HTTP request buffer overflow

elogd-http-request-bo (23838) Risk level: Low

Description:

elogd is vulnerable to a denial of service attack caused by a buffer overflow. A remote attacker can send a specially crafted HTTP request that triggers a segmentation fault and crashes the daemon.

Platforms Affected:

  • Debian, Debian Linux 3.1
  • Stefan Ritt, Elog Web Logbook 2.6.0-beta4

Remedy:

Apply the appropriate patch for your system. See References.

Consequences:

Denial of Service

References:

  • Full-Disclosure Mailing List, Mon Dec 19 2005 - 04:10:29 CST, elogd 2.6.0 overflow at http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0926.html.
  • PenguinSoft Web site, elogd - web server program for Electronic Logbook ELOG Linux Man Page at http://linux.com.hk/penguin/man/8/elogd.html.
  • BID-15932: ELOG Web Logbook Multiple Remote Buffer Overflow Vulnerabilities
  • BID-16579: ELOG Web Logbook Multiple Remote Vulnerabilities
  • CVE-2005-4439: Buffer overflow in ELOG elogd 2.6.0-beta4 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a URL with a long (1) cmd or (2) mode parameter.
  • CVE-2006-0600: elog before 2.5.7 r1558-4 allows remote attackers to cause a denial of service (infinite redirection) via a request with the fail parameter set to 1, which redirects to the same request.
  • DSA-967: elog -- several vulnerabilities
  • OSVDB ID: 21844: ELOG Multiple Parameter Overflow DoS
  • SA18124: ELOG Long Parameter Value Denial of Service Vulnerability
  • SECTRACK ID: 1015379: ELOG elogd Can Be Crashed By Remote Users
  • VUPEN/ADV-2005-3000: ELOG cmd and mode Parameters Denial of Service Vulnerability

Reported:

Dec 19, 2005

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net
