Lucene search
855 matches found

OpenVAS
added 2020/11/20 12:0 a.m., 11 views

GaussDB Kernel: Configuring Rsyslog for Unified Audit Logs

By default, unified audit logs are output to the Rsyslog on each CN. User root is authorized to configure and view the logs. Ensure that enablesecuritypolicy is Enabled...

7.3 AI score
Exploits: 0

OpenVAS
added 2020/11/04 12:0 a.m., 16 views

Huawei EulerOS: Security Advisory for rsyslog (EulerOS-SA-2020-2394)

The remote host is missing an update for the Huawei EulerOS...

9.8 CVSS, 9.7 AI score, 0.02834 EPSS
Exploits: 0, References: 2

AlmaLinux
added 2020/11/03 12:35 p.m., 18 views

rsyslog bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

2.7 AI score
Exploits: 0

Tenable Nessus
added 2020/11/03 12:0 a.m., 21 views

EulerOS 2.0 SP2 : rsyslog (EulerOS-SA-2020-2394)

According to the version of the rsyslog packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string...

9.8 CVSS, 8.4 AI score, 0.02834 EPSS
Exploits: 0, References: 2

OpenVAS
added 2020/09/29 12:0 a.m., 14 views

Huawei EulerOS: Security Advisory for rsyslog (EulerOS-SA-2020-2138)

The remote host is missing an update for the Huawei EulerOS...

9.8 CVSS, 9.7 AI score, 0.02834 EPSS
Exploits: 0, References: 2

Tenable Nessus
added 2020/09/28 12:0 a.m., 21 views

EulerOS 2.0 SP3 : rsyslog (EulerOS-SA-2020-2138)

According to the version of the rsyslog packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string...

9.8 CVSS, 8.4 AI score, 0.02834 EPSS
Exploits: 0, References: 2

IBM Security Bulletins
added 2020/08/31 7:31 p.m., 23 views

Security Bulletin: Vulnerabilities in Rsyslog affect IBM Spectrum Protect Plus (CVE-2019-17041, CVE-2019-17042)

Summary Rsyslog is vulnerable to heap-based buffer overflows which may affect IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2019-17041 DESCRIPTION: Rsyslog is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the...

9.8 CVSS, 2.6 AI score, 0.04568 EPSS
Exploits: 0, Affected Software: 1

Tenable Nessus
added 2020/07/02 12:0 a.m., 46 views

Amazon Linux 2 : rsyslog (ALAS-2020-1447)

The version of rsyslog installed on the remote host is prior to 8.24.0-52. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1447 advisory. An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the...

9.8 CVSS, 7.5 AI score, 0.04568 EPSS
Exploits: 0, References: 5

Amazon
added 2020/06/30 12:0 a.m., 61 views

Medium: rsyslog

Issue Overview: An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter in this case, a space or a colon but fails to account for strings that do not...

9.8 CVSS, 8.1 AI score, 0.04568 EPSS
Exploits: 0

RedHat Linux
added 2020/06/19 1:39 a.m., 34 views

Moderate: Red Hat Security Advisory: security update - Red Hat Ansible Tower 3.7.1-1 - RHEL7 Container

Red Hat Ansible Tower 3.7.1-1 - RHEL7 Container Updated rsyslog integration to not write world-readable configuration files CVE-2020-10782 Updated the included foreman/satellite inventory plugin to add the hostfilters and wantansiblesshhost options Updated Foreman/Satellite inventory to properly...

6.5 CVSS, 6.6 AI score, 0.00294 EPSS
Exploits: 0, References: 2

OSV
added 2020/06/18 1:15 p.m., 6 views

CVE-2020-10782

An exposure of sensitive information flaw was found in Ansible version 3.7.0. Sensitive information, such tokens and other secrets could be readable and exposed from the rsyslog configuration file, which has set the wrong world-readable permissions. The highest threat from this vulnerability is t...

6.5 CVSS, 5.7 AI score, 0.00294 EPSS
Exploits: 0, References: 1

NVD
added 2020/06/18 1:15 p.m., 16 views

CVE-2020-10782

An exposure of sensitive information flaw was found in Ansible version 3.7.0. Sensitive information, such tokens and other secrets could be readable and exposed from the rsyslog configuration file, which has set the wrong world-readable permissions. The highest threat from this vulnerability is t...

6.5 CVSS, 0.00294 EPSS
Exploits: 0, References: 1

Prion
added 2020/06/18 1:15 p.m., 16 views

Design/Logic Flaw

An exposure of sensitive information flaw was found in Ansible version 3.7.0. Sensitive information, such tokens and other secrets could be readable and exposed from the rsyslog configuration file, which has set the wrong world-readable permissions. The highest threat from this vulnerability is t...

2.1 CVSS, 6.1 AI score, 0.00294 EPSS
Exploits: 0, References: 1, Affected Software: 1

CVE
added 2020/06/18 12:49 p.m., 71 views

CVE-2020-10782

CVE-2020-10782 affects Ansible 3.7.0 by exposing sensitive information from the rsyslog configuration file due to world-readable permissions. The issue is mitigated by upgrading to Ansible 3.7.1, as reflected in both NVD and Red Hat advisories. Red Hat RHSA-2020:2617 confirms a Tower 3.7.1-1 upda...

6.5 CVSS, 6.1 AI score, 0.00294 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2020/06/18 12:49 p.m., 23 views

CVE-2020-10782

An exposure of sensitive information flaw was found in Ansible version 3.7.0. Sensitive information, such tokens and other secrets could be readable and exposed from the rsyslog configuration file, which has set the wrong world-readable permissions. The highest threat from this vulnerability is t...

6.5 CVSS, 6.2 AI score, 0.00294 EPSS
Exploits: 0, References: 1

RedhatCVE
added 2020/06/17 6:55 p.m., 23 views

CVE-2020-10782

An exposure of sensitive information flaw was found in Ansible. Sensitive information, such tokens and other secrets could be readable and exposed from the rsyslog configuration file, which has set the wrong world-readable permissions. The highest threat from this vulnerability is to...

2.1 CVSS, 1.1 AI score, 0.00294 EPSS
Exploits: 0, References: 3

Oracle linux
added 2020/05/05 12:0 a.m., 43 views

rsyslog security, bug fix, and enhancement update

8.1911.0-3 RHEL 8.2.0 ERRATUM - added patch reverting rejecting expired certs by default resolves: rhbz1782353 - added patch silencing false errors on config.enabled statement resolves: rhbz1659383 8.1911.0-2 RHEL 8.2.0 ERRATUM - cleaned old patches, fixed patch names resolves: rhbz1740683...

9.8 CVSS, 2.1 AI score, 0.04568 EPSS
Exploits: 0

RedHat Linux
added 2020/04/28 3:35 p.m., 3 views

rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c

An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter in this case, a space or a colon, but fails to account for strings that do not satisfy this constraint. If...

9.8 CVSS, 7.5 AI score, 0.03066 EPSS
Exploits: 0, References: 4

RedHat Linux
added 2020/04/28 3:35 p.m., 57 views

Moderate: Red Hat Security Advisory: rsyslog security, bug fix, and enhancement update

An update for rsyslog is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8 CVSS, 6.8 AI score, 0.04568 EPSS
Exploits: 0, References: 13

Tenable Nessus
added 2020/04/28 12:0 a.m., 27 views

RHEL 8 : rsyslog (RHSA-2020:1702)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1702 advisory. The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists,...

9.8 CVSS, 7.5 AI score, 0.04568 EPSS
Exploits: 0, References: 17