Rapid7 Vulnerability & Exploit Database

RHSA-2002:059: Updated analog packages are available

Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published: 04/22/2002
Created: 07/25/2018
Added: 03/24/2010
Modified: 07/04/2017

Description

Updated packages for analog are available which fix a cross-site scripting problem and a denial of service problem.

Analog is a web server logfile analysis program. Yuji Takahashi discovered a bug in analog versions prior to 5.22 which allows a cross-site scripting attack when an attacker can insert arbitrary strings into a web server logfile. Because a web server records client-supplied values such as the request URL and the Referer and User-Agent headers, any remote client can plant such strings simply by sending requests. Analog then analyses every string in the logfile and copies them into its HTML report without escaping them, so an attacker can, for example, introduce arbitrary JavaScript into a report produced by one user and have it execute in the browser of a third person who reads that report.

Additionally, a problem was discovered in the optional CGI front end form interface to analog, anlgform.pl, in versions prior to 5.23. An attacker who has access to this program could cause the web server error log to fill.

All users of analog are advised to upgrade to the errata packages containing analog version 5.24, which is not affected by these vulnerabilities.
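The log-injection path described above, as an added illustration that is not code from analog or from Red Hat: a minimal parser for combined-format access log lines, a report generator that copies log fields into HTML verbatim (the pattern behind the pre-5.22 bug) beside one that HTML-escapes them, and a check an administrator can run over an existing access log to spot planted markup. The log lines, hosts and payloads are constructed for the example; the field names and regular expressions are this example's own choices, not analog's.

```python
import html
import re
from urllib.parse import unquote

# Constructed sample of NCSA combined-format access log lines (not real traffic).
# Lines 3 to 5 carry script payloads in the request path and in the User-Agent
# header, fields a remote client controls and a log analyser later tabulates.
SAMPLE_LOG = """\
10.0.0.1 - - [22/Apr/2002:10:00:01 +0000] "GET /index.html HTTP/1.0" 200 1043 "-" "Mozilla/4.0"
10.0.0.2 - - [22/Apr/2002:10:00:02 +0000] "GET /docs/ HTTP/1.0" 200 512 "http://example.org/" "Lynx/2.8"
10.0.0.3 - - [22/Apr/2002:10:00:03 +0000] "GET /<script>alert(1)</script> HTTP/1.0" 404 210 "-" "Mozilla/4.0"
10.0.0.4 - - [22/Apr/2002:10:00:04 +0000] "GET /index.html HTTP/1.0" 200 1043 "-" "<img src=x onerror=alert(2)>"
10.0.0.5 - - [22/Apr/2002:10:00:05 +0000] "GET /%3Cscript%3Ealert(3)%3C/script%3E HTTP/1.0" 404 210 "-" "Mozilla/4.0"
"""

LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)


def parse_log(text):
    """Parse combined-format lines into dicts; lines that do not match are skipped."""
    entries = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m:
            entries.append(m.groupdict())
    return entries


def request_path(request):
    """Return the path from a request line such as 'GET /x HTTP/1.0'."""
    parts = request.split(" ")
    return parts[1] if len(parts) >= 2 else request


def report_vulnerable(entries):
    """Request report that interpolates log fields verbatim: whatever a client
    sent in the URL or User-Agent lands in the page as live markup."""
    rows = "".join(
        f"<tr><td>{request_path(e['request'])}</td><td>{e['agent']}</td></tr>"
        for e in entries
    )
    return f"<table>{rows}</table>"


def report_fixed(entries):
    """Same report with every log-derived field HTML-escaped before output,
    so planted tags are shown as text instead of being executed."""
    rows = "".join(
        f"<tr><td>{html.escape(request_path(e['request']))}</td>"
        f"<td>{html.escape(e['agent'])}</td></tr>"
        for e in entries
    )
    return f"<table>{rows}</table>"


# Markers of HTML/script content: an opening tag, a javascript: URL, or an
# inline event handler attribute. The word boundary keeps 'conversion=' out.
SUSPICIOUS = re.compile(r"<\s*/?\s*[a-z]|javascript:|\bon[a-z]+\s*=", re.I)


def flag_log_injection(entries):
    """Return (host, field) pairs whose client-controlled fields contain markup.
    Fields are URL-decoded first so %3Cscript%3E is caught as well."""
    hits = []
    for e in entries:
        for field in ("request", "referer", "agent"):
            if SUSPICIOUS.search(unquote(e[field])):
                hits.append((e["host"], field))
    return hits


if __name__ == "__main__":
    entries = parse_log(SAMPLE_LOG)
    print("vulnerable:", report_vulnerable(entries))
    print("fixed:     ", report_fixed(entries))
    print("flagged:   ", flag_log_injection(entries))
```

Running the script prints the same five rows twice, once with the `<script>` and `<img ... onerror=...>` payloads intact and once with them rendered inert as `&lt;script&gt;` and `&lt;img ...&gt;`, followed by the three log entries the scan flags. The same `flag_log_injection` pass over a real access log is a cheap way to find out whether anyone has already seeded reports with markup before the upgrade to 5.24 is rolled out.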

Solution(s)

  • redhat-upgrade-analog
  • redhat-upgrade-analog-form
