38 matches found
DLA-72-1 rsyslog - security update
Bulletin has no description...
openSUSE Security Update : rsyslog (openSUSE-SU-2014:1297-1)
Fixed PRI DoS vulnerability patch CVE-2014-3683,bnc899756 rsyslog-7.4.7-remote-PRI-DoS-fix-backportCVE-2014-3634. patch - Removed broken, unsupported and dropped by upstream zpipe utility from rsyslog-diag-tools package bnc890228 - Remote syslog PRI DoS vulnerability fix CVE-2014-3634,bnc897262 +...
ISDN4Linux 3.1 IPPPD Device String SysLog Format String Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/5437/info isdn4linux is a freely available, open source package of isdn compatibility tools. It is available for Linux operating systems. isdn4linux contains a format string vulnerability in the ipppd utility. In some...
Cisco ASA 5500 Series Multiple Vulnerabilities (cisco-sa-20120314-asa)
The remote Cisco ASA is missing a security patch and may be affected by the following issues : - When UDP inspection is enabled, inspecting malformed transit traffic could cause the device to reload. CVE-2012-0353 - When the Threat Detection feature is configured with the Scanning Threat Mode...
cfengine format string vulnerability
Cfengine is running on this remote host. Cfengine contains a component, cfd, which serves as a remote-configuration client to cfengine. This version of cfd contains several flaws in the way that it calls syslog. As a result, trusted hosts and valid users if access controls are not in place can...
HP-UX Security patch : PHCO_6157
The remote host is missing HP-UX Security Patch number PHCO6157 . Security Vulnerability in HP-UX syslog3 subroutine %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid16904;...
proxytunnel format string bug
Format string bug on syslog...
socat format string bug
syslog format string bug with -ly option...
Rlpr Advisory
,'| .-''-.....--'; / '. ..-' , ,--...--''' .--''' /' -';' ; ; ; ...--'' ...--..' .;.' fL ,....----''' ,..--'' felinemenace.org Program: rlprd 2.0.4 Impact: remote root Discovered: jaguar Writeup and exploits: Andrew Griffiths 1 Background It is a package that makes it possible or at the very leas...
Slurp 1.10 - SysLog Remote Format String
source: https://www.securityfocus.com/bid/4935/info slurp is a freely available, open source NNTP client. It is designed for use on most Unix and Linux operating systems. It may be possible for a remote server to execute code on a vulnerable client. slurp offers functionality that allows the...
another format string bug
There is a format string bug in 'pwc' ftp://ftp.media-com.com.pl/pub/other/pwc.tar.gz. This CGI script is used to change users password via www blah!. writelog call syslog function, which 'eats' ; characters and log it to system logs. But you can paste shellcode into buffers512 and syslog will ru...
CVE-1999-0171
Denial of service in syslog by sending it a large number of superfluous messages...
Debian 2.0 - Super Syslog Buffer Overflow
Debian 2.0 - Super Syslog Buffer Overflow // source: https://www.securityfocus.com/bid/342/info // // After the first super buffer overflow vulnerability was discovered, another appeared shortly after. This vulnerability exists when the syslog option is enabled. The overflow is in the file error....
Debian 2.0 - Super Syslog Buffer Overflow
// source: https://www.securityfocus.com/bid/342/info // // After the first super buffer overflow vulnerability was discovered, another appeared shortly after. This vulnerability exists when the syslog option is enabled. The overflow is in the file error.c, in the Error function where the...
Cisco IOS 12.0.2 - Syslog Crash
Cisco IOS 12.0.2 - Syslog Crash source: https://www.securityfocus.com/bid/675/info Cisco devices running classic IOS are reported prone to a denial of service vulnerability. The issue occurs when a vulnerable device receives and processes a UDP packet on UDP port 514 for syslog. This issue result...
Cisco IOS 12.0.2 - Syslog Crash
source: https://www.securityfocus.com/bid/675/info Cisco devices running classic IOS are reported prone to a denial of service vulnerability. The issue occurs when a vulnerable device receives and processes a UDP packet on UDP port 514 for syslog. This issue results in a crash or hang requiring a...
CVE-1999-0171
Denial of service in syslog by sending it a large number of superfluous messages...
FreeBSD-SA-96:08.syslog
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-96:08 Security Advisory FreeBSD, Inc. Topic: syslog vulnerability Category: core Module: libc Announced: 1996-04-21 Affects: FreeBSD 2.0 and 2.0.5 Corrected: 1995-10-15...