Microsoft Windows/Windows Server Elevation of Privilege Vulnerability (CNVD-2021-90796)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, an operating system for personal devices, and Microsoft Windows Server, a server operating system. An elevation of privilege vulnerability exists in the Common Log File System driver in Microsoft...

PAN-OS: System proxy passwords may be logged in clear text while viewing system state

An information exposure through log file vulnerability exists where the password for the configured system proxy server for a PAN-OS appliance may be displayed in cleartext when using the CLI in Palo Alto Networks PAN-OS software. Work around: This issue impacts the management web interface. You...

CVE-2020-17088

Windows Common Log File System Driver Elevation of Privilege Vulnerability...

CVE-2020-17088

Windows Common Log File System Driver Elevation of Privilege Vulnerability...

CVE-2020-17088

CVE-2020-17088 is a Windows elevation-of-privilege vulnerability in the Common Log File System (CLFS) driver. The connected CNVD entry explicitly attributes an EoP issue to the CLFS component in Microsoft Windows/Windows Server, indicating a local attacker could exploit it to compromise confident...

openGauss: Configuring Log File Permissions

After loggingcollector is set to on, you can set logfilemode to specify server log file permissions. Access to log files must be restricted, because the log files may contain sensitive data. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced...

openGauss: Configuring the Maximum Logging Duration of An Audit Log File

The parameter auditrotationinterval specifies the maximum logging duration of an audit log file. After the time expires, another audit log file is automatically Created. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright...

CVE-2020-23968

Ilex International Sign&go Workstation Security Suite 7.1 allows elevation of privileges via a symlink attack on ProgramData\Ilex\S&G\Logs\000-sngWSService1.log...

Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

KLA12003 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, cause denial of service, spoof user interface, bypass security restrictions. Below is a...

PT-2020-4687 · Microsoft · Windows Common Log File System Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Common Log File System Driver affected versions not specified Description: The issue is related to insufficient access control in the Windows Common Log File System Driver component of the Windows operating system. Exploitation of thi...

Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2020-17088)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

KB4586785: Windows 10 Version 1803 November 2020 Security Update

The Microsoft 4586785 Product is missing security updates. - Remote Desktop Protocol Server Information Disclosure Vulnerability CVE-2020-16997 - DirectX Elevation of Privilege Vulnerability CVE-2020-16998 - Windows WalletService Information Disclosure Vulnerability CVE-2020-16999 - Remote Deskto...

SuiteCRM Remote Code Execution Vulnerability

SuiteCRM is a free open source customer relationship management application. A remote code execution vulnerability exists in SuiteCRM versions prior to 7.11.17. The vulnerability can be exploited to achieve remote code execution via log file system settings and log file poisoning...

Citrix RDSWatcher

Description RDSWatcher is an advanced Remote Desktop Services session state monitor and logger. It watches all sessions on any Windows machine and logs all session state changes with time stamp as accurately as twice a second. RDSWatcher provides the connection status of current sessions and is...

RTOP Analyzer

RTOP Analyzer - v2.1.0.0 Created Date: Jun 22, 2016 Updated Date: Apr 30, 2018 Where to download ? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8 Once we verify your request, we will provide access to the downloa...

Citrix UPM Log Parser

Citrix UPM Log Parser v1.5 Created Date: Oct 8, 2009 Modified Date: Oct 4, 2016 Please note: You can download the required file from the Citrix downloads website by visiting the following link:https://www.citrix.com/downloads/citrix-tools Description Citrix UPM Log Parser has been designed to hel...

CVE-2020-28328

SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, loggerfilename can refer to an attacker-controlled .php file under the web root...

Remote code execution

SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, loggerfilename can refer to an attacker-controlled .php file under the web root...

CVE-2020-28328

SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, logger_file_name can refer to an attacker-controlled PHP file under the web root. This is a high-severity issue (CVE-2020-28328)...