855 matches found
GaussDB Kernel: Configuring Rsyslog for Unified Audit Logs
By default, unified audit logs are output to the Rsyslog on each CN. User root is authorized to configure and view the logs. Ensure that enablesecuritypolicy is Enabled. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright...
Huawei EulerOS: Security Advisory for rsyslog (EulerOS-SA-2020-2394)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
rsyslog bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
EulerOS 2.0 SP2 : rsyslog (EulerOS-SA-2020-2394)
According to the version of the rsyslog packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string...
Huawei EulerOS: Security Advisory for rsyslog (EulerOS-SA-2020-2138)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : rsyslog (EulerOS-SA-2020-2138)
According to the version of the rsyslog packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string...
Security Bulletin: Vulnerabilities in Rsyslog affect IBM Spectrum Protect Plus (CVE-2019-17041, CVE-2019-17042)
Summary Rsyslog is vulnerable to heap-based buffer overflows which may affect IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2019-17041 DESCRIPTION: Rsyslog is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the...
Amazon Linux 2 : rsyslog (ALAS-2020-1447)
The version of rsyslog installed on the remote host is prior to 8.24.0-52. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1447 advisory. An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the...
Medium: rsyslog
Issue Overview: An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter in this case, a space or a colon but fails to account for strings that do not...
Moderate: Red Hat Security Advisory: security update - Red Hat Ansible Tower 3.7.1-1 - RHEL7 Container
Red Hat Ansible Tower 3.7.1-1 - RHEL7 Container Updated rsyslog integration to not write world-readable configuration files CVE-2020-10782 Updated the included foreman/satellite inventory plugin to add the hostfilters and wantansiblesshhost options Updated Foreman/Satellite inventory to properly...
CVE-2020-10782
An exposure of sensitive information flaw was found in Ansible version 3.7.0. Sensitive information, such tokens and other secrets could be readable and exposed from the rsyslog configuration file, which has set the wrong world-readable permissions. The highest threat from this vulnerability is t...
CVE-2020-10782
An exposure of sensitive information flaw was found in Ansible version 3.7.0. Sensitive information, such tokens and other secrets could be readable and exposed from the rsyslog configuration file, which has set the wrong world-readable permissions. The highest threat from this vulnerability is t...
Design/Logic Flaw
An exposure of sensitive information flaw was found in Ansible version 3.7.0. Sensitive information, such tokens and other secrets could be readable and exposed from the rsyslog configuration file, which has set the wrong world-readable permissions. The highest threat from this vulnerability is t...
CVE-2020-10782
CVE-2020-10782 affects Ansible 3.7.0 by exposing sensitive information from the rsyslog configuration file due to world-readable permissions. The issue is mitigated by upgrading to Ansible 3.7.1, as reflected in both NVD and Red Hat advisories. Red Hat RHSA-2020:2617 confirms a Tower 3.7.1-1 upda...
CVE-2020-10782
An exposure of sensitive information flaw was found in Ansible version 3.7.0. Sensitive information, such tokens and other secrets could be readable and exposed from the rsyslog configuration file, which has set the wrong world-readable permissions. The highest threat from this vulnerability is t...
CVE-2020-10782
An exposure of sensitive information flaw was found in Ansible. Sensitive information, such tokens and other secrets could be readable and exposed from the rsyslog configuration file, which has set the wrong world-readable permissions. The highest threat from this vulnerability is to...
rsyslog security, bug fix, and enhancement update
8.1911.0-3 RHEL 8.2.0 ERRATUM - added patch reverting rejecting expired certs by default resolves: rhbz1782353 - added patch silencing false errors on config.enabled statement resolves: rhbz1659383 8.1911.0-2 RHEL 8.2.0 ERRATUM - cleaned old patches, fixed patch names resolves: rhbz1740683...
rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c
An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter in this case, a space or a colon, but fails to account for strings that do not satisfy this constraint. If...
Moderate: Red Hat Security Advisory: rsyslog security, bug fix, and enhancement update
An update for rsyslog is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
RHEL 8 : rsyslog (RHSA-2020:1702)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1702 advisory. The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists,...