Modlogan : Security Vulnerabilities, CVEs,
The processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a symlink attack on files specified as hostnames in a log file.
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-12-31
Updated
2008-09-05
Directory traversal vulnerability in processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a .. (dot dot) in the hostname of a log entry.
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-12-31
Updated
2008-09-05
2 vulnerabilities found