This vulnerability has been assigned the following CVE identifier: CVE-2017-60005. LOGO! 8 BM provides the following mitigations for this vulnerability: In the web server, logging of malicious requests is enabled.
In the web server, the filter for the 'INET_DNS_query' filter is enabled.
In the web server, the filter for the 'INET_DNS_lookup' filter is enabled.
The web server features a rate limiting.
In the database, the filter for the 'INET_DNS_query' filter is enabled.
In the web server, the filter for the 'INET_DNS_lookup' filter is enabled.
The web server features a rate limiting.
In the database, the filter for the 'INET_DNS_query' filter is enabled.
In the web server, the filter for the 'INET_DNS_lookup' filter is enabled.
The web server features a rate limiting.
In the database, the filter for the 'INET_DNS_query' filter is enabled.
In the web server, the filter for the 'INET_DNS_lookup' filter is enabled.
The web server features a rate limiting.
In the database, the filter for the 'INET_DNS_query' filter is enabled.
Vulnerable C Code and Tested Versions
The vulnerable code is found in the following file:
/usr/sbin/httpd -a /etc/logrotate.conf
The following versions have been tested for this vulnerability:
2.4.18, 2.4.19, and 2.4.27
This vulnerability was discovered by CVE-2017-60005 and LOGO! 8 BM
Timeline
Published on: 10/11/2022 11:15:00 UTC
Last modified on: 10/12/2022 13:28:00 UTC