anlgform.pl in Analog prior to 5.23 does not restrict access to the PROGRESSFREQ progress update command, which allows remote malicious users to cause a denial of service (disk consumption) by using the command to report updates more frequently and fill the web server error log.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
stephen turner analog |