[SAMHAIN 3.0.9] File Integrity Checker / Host-Based Intrusion Detection System

The Samhain host-based intrusion detection system HIDS provides file integrity checking and log file monitoring/analysis , as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. Samhain been designed to monitor multiple hosts with potentially...

Fedora 17 : fail2ban-0.8.8-1.fc17 (2012-20619)

Update to 0.8.8 CVE-2012-5642 Bug 887914 - Fixes : - Alan Jenkins - 8c38907 Removed 'POSSIBLE BREAK-IN ATTEMPT' from sshd filter to avoid banning due to misconfigured DNS. Close gh-64 - Yaroslav Halchenko - 83109bc IMPORTANT: escape the content of if used in custom action files since its value...

DEBIAN-CVE-2012-0961

Apt 0.8.16exp5ubuntu13.x before 0.8.16exp5ubuntu13.6, 0.8.16exp12ubuntu10.x before 0.8.16exp12ubuntu10.7, and 0.9.7.5ubuntu5.x before 0.9.7.5ubuntu5.2, as used in Ubuntu, uses world-readable permissions for /var/log/apt/term.log, which allows local users to obtain sensitive shell information by...

CVE-2012-0961

Apt 0.8.16exp5ubuntu13.x before 0.8.16exp5ubuntu13.6, 0.8.16exp12ubuntu10.x before 0.8.16exp12ubuntu10.7, and 0.9.7.5ubuntu5.x before 0.9.7.5ubuntu5.2, as used in Ubuntu, uses world-readable permissions for /var/log/apt/term.log, which allows local users to obtain sensitive shell information by...

CVE-2012-0961

Apt 0.8.16exp5ubuntu13.x before 0.8.16exp5ubuntu13.6, 0.8.16exp12ubuntu10.x before 0.8.16exp12ubuntu10.7, and 0.9.7.5ubuntu5.x before 0.9.7.5ubuntu5.2, as used in Ubuntu, uses world-readable permissions for /var/log/apt/term.log, which allows local users to obtain sensitive shell information by...

CVE-2012-0961

Apt 0.8.16exp5ubuntu13.x before 0.8.16exp5ubuntu13.6, 0.8.16exp12ubuntu10.x before 0.8.16exp12ubuntu10.7, and 0.9.7.5ubuntu5.x before 0.9.7.5ubuntu5.2, as used in Ubuntu, uses world-readable permissions for /var/log/apt/term.log, which allows local users to obtain sensitive shell information by...

CVE-2012-0961

CVE-2012-0961 affects apt in Ubuntu, where the package versions listed (0.8.16~exp5ubuntu13.x up to 0.9.7.5ubuntu5.x) expose world-readable permissions on /var/log/apt/term.log. This permits local users to read sensitive shell information from the log and is a local information-disclosure issue. ...

Microsoft SQL Server Database Link Crawling Command Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require...

CVE-2012-5638

The setuplogging function in log.h in SANLock uses world-writable permissions for /var/log/sanlock.log, which allows local users to overwrite the file content or bypass intended disk-quota restrictions via standard filesystem write operations...

CVE-2012-3329

IBM Advanced Settings Utility ASU through 3.62 and 3.70 through 9.21 and Bootable Media Creator BoMC through 2.30 and 3.00 through 9.21 on Linux allow local users to overwrite arbitrary files via a symlink attack on a 1 temporary file or 2 log file...

Code injection

IBM Advanced Settings Utility ASU through 3.62 and 3.70 through 9.21 and Bootable Media Creator BoMC through 2.30 and 3.00 through 9.21 on Linux allow local users to overwrite arbitrary files via a symlink attack on a 1 temporary file or 2 log file...

CVE-2012-0961

Apt 0.8.16exp5ubuntu13.x before 0.8.16exp5ubuntu13.6, 0.8.16exp12ubuntu10.x before 0.8.16exp12ubuntu10.7, and 0.9.7.5ubuntu5.x before 0.9.7.5ubuntu5.2, as used in Ubuntu, uses world-readable permissions for /var/log/apt/term.log, which allows local users to obtain sensitive shell information by...

Symantec Messaging Gateway 9.5 Log File Download Vulnerability

This module will download a file of your choice against Symantec Messaging Gateway. This is possible by exploiting a directory traversal vulnerability when handling the 'logFile' parameter, which will load an arbitrary file as an attachment. Note that authentication is required in order to...

sanlock world writable /var/log/sanlock.log

The setuplogging function in log.h in SANLock uses world-writable permissions for /var/log/sanlock.log, which allows local users to overwrite the file content or bypass intended disk-quota restrictions via standard filesystem write operations...

Microsoft IIS 密码信息泄露漏洞（MS12-073)

BUGTRAQ ID: 56439 CVE ID: CVE-2012-2531 Internet Information Services（IIS，互联网信息服务）是由微软公司提供的基于运行Microsoft Windows的互联网基本服务。 Microsoft IIS 7.5对操作日志使用了弱权限，没有正确限制对某些日志文件的访问，通过读取此文件，可允许本地用户获取已配置账户的用户名和密码。要利用此漏洞需要启用IIS的操作日志。 0 Microsoft IIS 7.x 临时解决方法： 如果已经启用了IIS的"Operational"日志，则在分配给应用池自定义账户之前，请禁用...

Code injection

The Asial Monaca Debugger application before 1.4.2 for Android allows remote attackers to obtain sensitive 1 account or 2 session ID information in a system log file via a crafted application...

Microsoft Windows IIS FTP Service Information Disclosure Vulnerability (2761226)

This host is missing a moderate security update according to Microsoft Bulletin MS12-073. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Windows IIS FTP Service Information Disclosure Vulnerability (2761226)

This host is missing a moderate security update according to Microsoft Bulletin MS12-073. OpenVAS Vulnerability Test $Id: secpodms12-073.nasl 5346 2017-02-19 08:43:11Z cfi $ Microsoft Windows IIS FTP Service Information Disclosure Vulnerability 2761226 Authors: Rachana Shetty Copyright: Copyright...

rhncfg: Insecure permissions used for /var/log/rhncfg-actions file

Red Hat Network RHN Configuration Client rhncfg-client in rhncfg before 5.10.27-8 uses weak permissions world-readable for /var/log/rhncfg-actions, which allows local users to obtain sensitive information about the rhncfg-client actions by reading the file...

CVE-2012-3030

WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, stores sensitive information under the web root with insufficient access control, which allows remote attackers to read a 1 log file or 2 configuration file via a direct request...