44 matches found
Talos-Apache-Log-Oversight-Scanner
Talos-Apache-Log-Oversight-Scanner Overview The Talos-Ap...
EUVD-2017-9528
Malware in sbrugna...
PimpMyLog v1.7.14 - Improper access control
Exploit Title: PimpMyLog v1.7.14 - Improper access control Date: 2023-07-10 Exploit Author: thoughtfault Vendor Homepage: https://www.pimpmylog.com/ Software Link: https://github.com/potsky/PimpMyLog Version: 1.5.2-1.7.14 Tested on: Ubuntu 22.04 CVE : N/A Description: PimpMyLog suffers from...
SUSE CVE-2021-44216
Northern.tech CFEngine Enterprise before 3.15.5 and 3.18.x before 3.18.1 has Insecure Permissions that may allow unauthorized local users to access the Apache and Mission Portal log files...
PT-2022-12019 · Apache +2 · Apache Http Server +2
Name of the Vulnerable Software and Affected Versions: Northern.tech CFEngine Enterprise versions prior to 3.15.5 Northern.tech CFEngine Enterprise versions 3.18.x prior to 3.18.1 Description: The issue is related to insecure permissions, which may allow unauthorized local users to access log...
GHSA-HWHF-64MH-R662 ReDoS vulnerability in parser_apache2
Impact: The parser_apache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken apache log with a certain pattern of string can spend too much time in a regular expression, resulting in the potential for a DoS attack. Patches v1.14.2...
CVE-2021-41186
Fluentd collects events from various data sources and writes them to files to help unify logging infrastructure. The parser_apache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken apache log with a certain pattern of string ca...
Fluentd Resource Management Error Vulnerability
Fluentd is an open source log collector from the Cloud Native Computing Foundation. It is used to collect events from various data sources and write them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and more. A resource management error vulnerability exists in...
Exploitation of Accellion File Transfer Appliance
Summary: This joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia, New Zealand, Singapore, the United Kingdom, and the United States. These authorities are aware of cyber actors exploiting vulnerabilities in Accellion File Transfer Appliance...
CVE-2017-18412
cPanel before 67.9999.103 allows Apache HTTP Server log files to become world-readable because of mishandling on an account rename (SEC-296)...
CVE-2018-20932
cPanel before 70.0.23 exposes Apache HTTP Server logs after creation of certain domains (SEC-406)...
MakerBot Industries Replicator 5G printer information leakage vulnerability
The MakerBot Industries Replicator 5G printer is a fifth-generation 3D printer from the American company MakerBot Industries. An information disclosure vulnerability exists in the MakerBot Industries Replicator 5G printer, which runs the Apache HTTP server. The vulnerability can be exploited to...
CVE-2018-18864
Loadbalancer.org Enterprise VA MAX before 8.3.3 has XSS because Apache HTTP Server logs are displayed...
klinza professional cms 5.0.1 'menulast.php' Local File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37127/info The 'klinza professional cms' project is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the...
NPDS 5.10 Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/18383/info NPDS is prone to multiple input-validation issues, including information-disclosure and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize...
XMB <= 1.9.6 Final basename() Remote Command Execution Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo XMB = 1.9.6 Final basename 'langfilenew' arbitrary local inclusion / remote commands xctn\n; echo by rgod [email protected]\n; echo site: http://retrogod.altervista.org\n; echo dork: \Powered by XMB\n\n; / works...
pL-PHP <= beta 0.9 - Local File Include Exploit
No description provided by source. !/usr/bin/perl pL-PHP = beta 0.9 Local File Include Exploit Discovered by cr4wl3r Contact : cr4wl3r!linuxmail.org use IO::Socket; use LWP::Simple; @apache= ../apache/logs/error.log, ../apache/logs/access.log, ../../apache/logs/error.log,...
Updated fail2ban packages fix CVE-2013-2178
Krzysztof Katowicz-Kowalewski discovered a vulnerability in Fail2ban, a log monitoring system that can act on attacks by preventing hosts from connecting to specified services using the local firewall. When using Fail2ban to monitor Apache logs, improper input validation in log parsing could enabl...
DSA-2708-1 fail2ban - denial of service
Bulletin has no description...
Fedora Update for cherokee FEDORA-2011-12698
Check for the Version of cherokee. OpenVAS Vulnerability Test: Fedora Update for cherokee FEDORA-2011-12698. Authors: System Generated Check. Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...