Directory traversal vulnerability in processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a .. (dot dot) in the hostname of a log entry.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Modlogan | Modlogan | 0.6 | 0.6 |
Modlogan | Modlogan | 0.5.7 | 0.5.7 |
Modlogan | Modlogan | 0.7.11 | 0.7.11 |
Modlogan | Modlogan | 0.5.6 | 0.5.6 |
Modlogan | Modlogan | 0.5 | 0.5 |