Photon OS 3.0: Rsyslog PHSA-2019-3.0-0036

An update of the rsyslog package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0036. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

RHEL 6 : rsyslog (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c CVE-2019-17042 - An issue was...

K12213311: Rsyslog v8.1908.0.0 vulnerability CVE-2019-17041

Security Advisory Description An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter in this case, a space or a colon but fails to account for strings...

Ubuntu 16.04 ESM : Rsyslog vulnerabilities (USN-5419-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5419-1 advisory. It was discovered that Rsyslog improperly handled certain invalid input. An attacker could use this issue to cause Rsyslog to crash. Tenable has extracte...

Mageia: Security Advisory (MGASA-2019-0400)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-2835-1 : rsyslog - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2835 advisory. Two heap overflows were fixed in the rsyslog logging daemon. CVE-2019-17041 Heap overflow in the AIX message parser. CVE-2019-17042 Heap overflow in the Cisco log...

SUSE: Security Advisory (SUSE-SU-2020:0512-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:0424-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 8 : rsyslog (CESA-2020:1702)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1702 advisory. - rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c CVE-2019-17041 - rsyslog: heap-based overflow in...

CVE-2020-17041

Windows Print Configuration Elevation of Privilege Vulnerability...

CVE-2020-17041

Windows Print Configuration Elevation of Privilege Vulnerability...

CVE-2020-17041

CVE-2020-17041 technical details are not publicly available in the provided documents. Monitor for updates.

Microsoft Windows Multiple Vulnerabilities (KB4586834)

This host is missing a critical security update according to Microsoft KB4586834 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

KB4586786: Windows 10 Version 1903 and Windows 10 Version 1909 November 2020 Security Update

The Windows installation on the remote host is missing security update 4586781. It is, therefore, affected by multiple vulnerabilities. Please review the vendor advisory for more details. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from t...

KB4586823: Windows 8.1 and Windows Server 2012 R2 November 2020 Security Update

The Windows installation on the remote host is missing security update 4586781. It is, therefore, affected by multiple vulnerabilities. Please review the vendor advisory for more details. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from t...

Security Bulletin: Vulnerabilities in Rsyslog affect IBM Spectrum Protect Plus (CVE-2019-17041, CVE-2019-17042)

Summary Rsyslog is vulnerable to heap-based buffer overflows which may affect IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2019-17041 DESCRIPTION: Rsyslog is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the...

Medium: rsyslog

Issue Overview: An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter in this case, a space or a colon but fails to account for strings that do not...

RHEL 7 : rsyslog (RHSA-2020:1000)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1000 advisory. The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists,...

EulerOS Virtualization 3.0.2.2 : rsyslog (EulerOS-SA-2020-1276)

According to the versions of the rsyslog packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco lo...

Huawei EulerOS: Security Advisory for rsyslog (EulerOS-SA-2020-1218)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...