CyberSec.Space Logo
CVEブラウザに戻る

CVE-2019-3995

HIGH
7.5
CVSS Severity Score
EPSS Score0.1280%
EPSS Percentile25.94th
Published2019年12月17日
Last Modified2024年11月21日

Vulnerability Description

ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference. A remote unauthenticated attacker can crash the ELOG server by sending a crafted HTTP GET request.

Affected Platforms (CPE)

📦
Elog Project

Elog

<= 3.1.4-57bea22
💻
Fedoraproject

Fedora

= 30
💻
Fedoraproject

Fedora

= 31

References & Advisories

🔗 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2IN3FP6VXYSD4OMUCFZNOL7MKPWRQFAL/
🔗 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4IAS4HI24H2ERKBZTDEVJ3LEQEFWYSCT/
🔗 https://www.tenable.com/security/research/tra-2019-53
🔗 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2IN3FP6VXYSD4OMUCFZNOL7MKPWRQFAL/
🔗 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4IAS4HI24H2ERKBZTDEVJ3LEQEFWYSCT/
🔗 https://www.tenable.com/security/research/tra-2019-53

関連する脆弱性情報

CVE-2008-700410.0

Buffer overflow in Electronic Logbook (ELOG) before 2.7.1 has unknown impact and attack vectors, possibly related to elog.c.

CVE-2005-44397.8

Buffer overflow in ELOG elogd 2.6.0-beta4 allows remote attackers to cause a denial of service (application crash) and possibly ex...

CVE-2019-39947.5

ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a use after free. A remote unauthenticated at...

CVE-2019-39937.5

ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can recover...

CVE-2019-3995 Detail & Impact Analysis | CVSS 7.5 (HIGH) | Cyber-Sec.Space | Cyber-Sec.Space