Fedora Local Security Checks : Fedora: Security Advisory for elog (FEDORA-2020-f49fe7f011)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.877388

Categoría: Fedora Local Security Checks

Título: Fedora: Security Advisory for elog (FEDORA-2020-f49fe7f011)

Resumen: The remote host is missing an update for the 'elog'; package(s) announced via the FEDORA-2020-f49fe7f011 advisory.

Descripción: Summary:
The remote host is missing an update for the 'elog'
package(s) announced via the FEDORA-2020-f49fe7f011 advisory.

Vulnerability Insight:
ELOG is part of a family of applications known as weblogs. Their general
purpose is:

1. To make it easy for people to put information online in a chronological
fashion, in the form of short, time-stamped text messages ('entries') with
optional HTML markup for presentation, and optional file attachments
(images, archives, etc.)

2. To make it easy for other people to access this information through a
Web interface, browse entries, search, download files, and optionally add,
update, delete or comment on entries.

ELOG is a remarkable implementation of a weblog in at least two respects:

1. Its simplicity of use: you don', t need to be a seasoned server operator
and/or an experimented database administrator to run ELOG, one executable
file (under Unix or Windows), a simple configuration text file, and it works.
No Web server or relational database required. It is also easy to translate
the interface to the appropriate language for your users.

2. Its versatility: through its single configuration file, ELOG can be made
to display an infinity of variants of the weblog concept. There are options
for what to display, how to display it, what commands are available and to
whom, access control, etc. Moreover, a single server can host several
weblogs, and each weblog can be totally different from the rest.

Affected Software/OS:
'elog' package(s) on Fedora 31.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-3993
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IN3FP6VXYSD4OMUCFZNOL7MKPWRQFAL/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4IAS4HI24H2ERKBZTDEVJ3LEQEFWYSCT/
https://www.tenable.com/security/research/tra-2019-53
Common Vulnerability Exposure (CVE) ID: CVE-2019-3994
Common Vulnerability Exposure (CVE) ID: CVE-2019-3995
Common Vulnerability Exposure (CVE) ID: CVE-2019-3992
Common Vulnerability Exposure (CVE) ID: CVE-2019-3996

Copyright Copyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.877388
Categoría:	Fedora Local Security Checks
Título:	Fedora: Security Advisory for elog (FEDORA-2020-f49fe7f011)
Resumen:	The remote host is missing an update for the 'elog'; package(s) announced via the FEDORA-2020-f49fe7f011 advisory.
Descripción:	Summary: The remote host is missing an update for the 'elog' package(s) announced via the FEDORA-2020-f49fe7f011 advisory. Vulnerability Insight: ELOG is part of a family of applications known as weblogs. Their general purpose is: 1. To make it easy for people to put information online in a chronological fashion, in the form of short, time-stamped text messages ('entries') with optional HTML markup for presentation, and optional file attachments (images, archives, etc.) 2. To make it easy for other people to access this information through a Web interface, browse entries, search, download files, and optionally add, update, delete or comment on entries. ELOG is a remarkable implementation of a weblog in at least two respects: 1. Its simplicity of use: you don', t need to be a seasoned server operator and/or an experimented database administrator to run ELOG, one executable file (under Unix or Windows), a simple configuration text file, and it works. No Web server or relational database required. It is also easy to translate the interface to the appropriate language for your users. 2. Its versatility: through its single configuration file, ELOG can be made to display an infinity of variants of the weblog concept. There are options for what to display, how to display it, what commands are available and to whom, access control, etc. Moreover, a single server can host several weblogs, and each weblog can be totally different from the rest. Affected Software/OS: 'elog' package(s) on Fedora 31. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-3993 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2IN3FP6VXYSD4OMUCFZNOL7MKPWRQFAL/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4IAS4HI24H2ERKBZTDEVJ3LEQEFWYSCT/ https://www.tenable.com/security/research/tra-2019-53 Common Vulnerability Exposure (CVE) ID: CVE-2019-3994 Common Vulnerability Exposure (CVE) ID: CVE-2019-3995 Common Vulnerability Exposure (CVE) ID: CVE-2019-3992 Common Vulnerability Exposure (CVE) ID: CVE-2019-3996
Copyright	Copyright (C) 2020 Greenbone Networks GmbH