Lucene search
K

130 matches found

OSV
OSV
added 2021/10/25 1:15 p.m.13 views

CVE-2021-35231

As a result of an unquoted service path vulnerability present in the Kiwi Syslog Server Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry. Example vulnerable path:...

6.7CVSS7.3AI score0.00265EPSS
Exploits0References2
NVD
NVD
added 2021/10/25 1:15 p.m.35 views

CVE-2021-35231

As a result of an unquoted service path vulnerability present in the Kiwi Syslog Server Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry. Example vulnerable path:...

6.7CVSS0.00265EPSS
Exploits0References2
Prion
Prion
added 2021/10/25 1:15 p.m.13 views

Code injection

As a result of an unquoted service path vulnerability present in the Kiwi Syslog Server Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry. Example vulnerable path:...

4.6CVSS6.6AI score0.00265EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/10/25 1:0 p.m.61 views

CVE-2021-35231

The CVE-2021-35231 entry concerns unquoted service path vulnerability in the Kiwi Syslog Server Installation Wizard. A local attacker could escalate privileges by placing an executable in the affected service/uninstall entry path (example: Computer\HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services...

6.7CVSS6.5AI score0.00265EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/10/25 1:0 p.m.38 views

CVE-2021-35231 Unquoted Path (SMB Login) Vulnerability

As a result of an unquoted service path vulnerability present in the Kiwi Syslog Server Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry. Example vulnerable path:...

6.7CVSS7.4AI score0.00265EPSS
Exploits0References2
exploitpack
exploitpack
added 2019/11/08 12:0 a.m.17 views

SolarWinds Kiwi Syslog Server 8.3.52 - Kiwi Syslog Server Unquoted Service Path

SolarWinds Kiwi Syslog Server 8.3.52 - Kiwi Syslog Server Unquoted Service Path Exploit Title: SolarWinds Kiwi Syslog Server 8.3.52 - 'Kiwi Syslog Server' Unquoted Service Path Date: 2019-11-08 Exploit Author: Carlos A Garcia R Vendor Homepage: https://www.kiwisyslog.com/ Software Link:...

Exploits0
0day.today
0day.today
added 2019/11/08 12:0 a.m.83 views

SolarWinds Kiwi Syslog Server 8.3.52 - (Kiwi Syslog Server) Unquoted Service Path Vulnerability

Exploit Title: SolarWinds Kiwi Syslog Server 8.3.52 - 'Kiwi Syslog Server' Unquoted Service Path Exploit Author: Carlos A Garcia R Vendor Homepage: https://www.kiwisyslog.com/ Software Link: https://www.kiwisyslog.com/downloads Version: 8.3.52 Tested on: Windows XP Professional Service Pack 3...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2019/11/08 12:0 a.m.167 views

SolarWinds Kiwi Syslog Server 8.3.52 Unquoted Service Path

Exploit Title: SolarWinds Kiwi Syslog Server 8.3.52 - 'Kiwi Syslog Server' Unquoted Service Path Date: 2019-11-08 Exploit Author: Carlos A Garcia R Vendor Homepage: https://www.kiwisyslog.com/ Software Link: https://www.kiwisyslog.com/downloads Version: 8.3.52 Tested on: Windows XP Professional...

0.2AI score
Exploits0
OSV
OSV
added 2019/05/02 5:29 p.m.3 views

CVE-2017-18369

The Billion 5200W-T 1.02b.rc5.dt49 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. The vulnerability is in the advremotelog.asp page and can be exploited through the syslogServerAd...

9.8CVSS5.8AI score0.67644EPSS
Exploits2References3
n0where
n0where
added 2017/11/14 5:51 p.m.22 views

Linux Process Hunter: Prochunter

Prochunter aims to find hidden process with all userspace and most of the kernelspace rootkits. This tool is composed of a kernel module that prints out all running processes walking the taskstruct list and creates /sys/kernel/prochunter/set entry. A python script that invokes the kernel function...

1AI score
Exploits0References1
Kitploit
Kitploit
added 2017/10/10 2:13 p.m.79 views

OSXAuditor - Free Mac OS X Computer Forensics Tool

OS X Auditor is a free Mac OS X computer forensics tool. OS X Auditor parses and hashes the following artifacts on the running system or a copy of a system you want to analyze: the kernel extensions the system agents and daemons the third party's agents and daemons the old and deprecated system a...

6.8AI score
Exploits0References3
Cloud Foundry
Cloud Foundry
added 2016/09/29 12:0 a.m.34 views

CVE-2016-6653 MySQL Audit logs sent to Syslog | Cloud Foundry

CVE-2016-6653 MySQL Audit logs sent to Syslog High Vendor Cloud Foundry Foundation Versions Affected Cloud Foundry MySQL Release versions 271 and 282 Description MariaDB’s auditplugin, incorporated in cf-mysql-release starting with cf-mysql-release v27, allows the Operator to enable audit trails,...

7.5CVSS7.7AI score0.01363EPSS
Exploits0
CNVD
CNVD
added 2016/09/23 12:0 a.m.3 views

SolarWinds Kiwi Syslog Server Service Path Privilege Elevation Vulnerability

SolarWinds Kiwi Syslog Server is a syslog server for IT administrators and network teams. SolarWinds Kiwi Syslog Server has a security vulnerability. It allows a local user to elevate privileges on the system to execute arbitrary code...

7.2AI score
Exploits0References1
CNVD
CNVD
added 2016/09/21 12:0 a.m.4 views

SolarWinds Kiwi Syslog Server Elevation of Privilege Vulnerability

SolarWinds network security management software products. The application can be installed on a windows system with the option to select the default security service. The default installation path "C:\Program Files x86" is selected when installing the 32-bit application, which may allow an...

7.5AI score
Exploits0References1
0day.today
0day.today
added 2016/09/19 12:0 a.m.33 views

SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation

Exploit for windows platform in category local exploits Document Title: ================ SolarWinds Kiwi Syslog Server Unquoted Service Path Privilege Escalation Vulnerability Author: ======== Halil Dalabasmaz Release Date: ============== 29 SEP 2016 Product & Service Introduction:...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2016/09/19 12:0 a.m.24 views

SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation

SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation Document Title: ================ SolarWinds Kiwi Syslog Server Unquoted Service Path Privilege Escalation Vulnerability Author: ======== Halil Dalabasmaz Release Date: ============== 29 SEP 2016 Product & Service...

1AI score
Exploits0
CNVD
CNVD
added 2016/07/20 12:0 a.m.3 views

Syslog Server 'npriority' Field Remote Denial of Service Vulnerability

Syslog Server is a syslog server for Windows. A security vulnerability exists in syslog Server's failure to handle the contents of the npriority field. Allowing an attacker to pass constructed packets could cause the server to crash...

6.7AI score
Exploits0References1
Packet Storm
Packet Storm
added 2016/07/04 12:0 a.m.24 views

Syslog Server 1.2.3 Denial Of Service

Title: Syslog Server "npriority" field remote Denial of Service vulnerability Software : Syslog Server Software Version : Syslog Server 1.2.3 Vendor: https://sourceforge.net/p/syslog-server/ Vulnerability Published : 2016-07-02 Vulnerability Update Time : Status : Impact : MediumCVSS2 Base : 5.0,...

7.4AI score
Exploits0
Prion
Prion
added 2014/12/20 12:59 a.m.20 views

Design/Logic Flaw

The syslog-management subsystem in Cisco Adaptive Security Appliance ASA Software allows remote attackers to obtain an administrator password by waiting for an administrator to copy a file, and then 1 sniffing the network for a syslog message or 2 reading a syslog message in a file on a syslog...

4.3CVSS7.3AI score0.0108EPSS
Exploits0References1
ArchLinux
ArchLinux
added 2014/10/08 12:0 a.m.34 views

rsyslog: remote denial of service

The rsyslog fix shipped in 8.4.1 for an invalid PRI value see ASA-201410-1 was incomplete, as it did not cover cases where PRI values MAXINT. These values caused an integer overflow, resulting in negative values. Sending a syslog message containing an invalid PRI value to a vulnerable rsyslog...

5CVSS4.2AI score0.04585EPSS
Exploits1References2
Rows per page
Query Builder