Summary
The remote web server is affected by a denial of service issue.
Description :
The remote web server is identified as ELOG Web Logbook, an open source blogging software.
The version of ELOG Web Logbook installed on the remote host is vulnerable to a denial of service attack by requesting '/global' or any logbook with 'global' in its name. When a request like this is received, a NULL pointer dereference occurs, leading to a crash of the service.
Solution
Upgrade to ELOG version 2.6.2-7 or later.
CVSS Base Score : 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
References
Severity
Classification
-
CVE CVE-2006-6318 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Apache mod_proxy_ajp Information Disclosure Vulnerability
- Andy's PHP Knowledgebase Multiple Cross-Site Scripting Vulnerabilities
- Apache Archiva Home Page Cross-Site Scripting vulnerability
- Apache ActiveMQ Source Code Information Disclosure Vulnerability
- 2532|Gigs Directory Traversal And SQL Injection Multiple Vulnerabilities