RSS   Vulnerabilities for 'Modlogan'   RSS

2002-12-31
 
CVE-2002-2051

 

 
The processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a symlink attack on files specified as hostnames in a log file.

 
 
CVE-2002-2050

 

 
Directory traversal vulnerability in processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a .. (dot dot) in the hostname of a log entry.

 


Copyright 2024, cxsecurity.com

 

Back to Top