CVE-2005-0439

ELOG - Buffer Overflow via Long Attachment Filename

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0439. PoCs published by n4rk0tix.

AI-analyzed exploit summary This exploit targets a remote buffer overflow vulnerability in ELOG (Electronic Logbook) versions <= 2.5.6. It automates the process of obtaining write passwords, crafting malicious HTTP requests, and executing arbitrary commands via shellcode injection.

Description

Buffer overflow in the decode_post function in ELOG before 2.5.7 allows remote attackers to execute arbitrary code via attachments with long file names.

Exploits (1)

exploitdb WORKING POC VERIFIED

by n4rk0tix · cremotemultiple

https://www.exploit-db.com/exploits/805

View Code ZIP pw:eip

This exploit targets a remote buffer overflow vulnerability in ELOG (Electronic Logbook) versions <= 2.5.6. It automates the process of obtaining write passwords, crafting malicious HTTP requests, and executing arbitrary commands via shellcode injection.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: ELOG (Electronic Logbook) <= 2.5.6

No auth needed

Prerequisites: Network access to the target ELOG server · ELOG server running on default or known port

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/12556

Patch x_refsource_confirm

http://sourceforge.net/project/shownotes.php?group_id=40505&release_id=304880

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/19313

Patch, Vendor Advisory x_refsource_confirm

http://midas.psi.ch/elogs/Forum/941

Scores

EPSS 0.1003

EPSS Percentile 95.0%

Details

Status published

Products (18)

stefan_ritt/elog_web_logbook 2.0.0

stefan_ritt/elog_web_logbook 2.0.1

stefan_ritt/elog_web_logbook 2.0.2

stefan_ritt/elog_web_logbook 2.0.3

stefan_ritt/elog_web_logbook 2.0.4

stefan_ritt/elog_web_logbook 2.0.5

stefan_ritt/elog_web_logbook 2.1.0

stefan_ritt/elog_web_logbook 2.1.1

stefan_ritt/elog_web_logbook 2.1.2

stefan_ritt/elog_web_logbook 2.1.3

... and 8 more

Published May 02, 2005

Tracked Since Feb 18, 2026