Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
 Back  |  Find  |  Login  |  Help 
Message ID: 69114     Entry time: Wed Feb 12 13:19:31 2020
Icon: Idea  Author: Stefan Ritt  Author Email: stefan.ritt@psi.ch 
Category: Info  OS: All  ELOG Version: 3.1.4 
Subject: ELOG Null Pointer Dereference Denial-of-Service Vulnerability 

An ELOG vulnerability has been reported, thanks to Asif Akbar of Trend Micro Security Researchworking with Trend Micro's Zero Day Initiative:

https://www.zerodayinitiative.com/advisories/ZDI-20-252/

The issue has been fixed in the current release 3.1.4-033e292 and in the RPM http://elog.psi.ch/elog/download/RPMS/elog-latest.x86_64.rpm

Best,
Stefan

 

ELOG V3.1.5-fe60aaf