EUVD-2015-5187

Malware in sbrugna...

EUVD-2008-1629

Malware in sbrugna...

Oracle Linux 5 : pam (ELSA-2007-0555)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0555 advisory. - CVE-2007-3102 - prevent audit log injection through user name 243204 Tenable has extracted the preceding description block directly from the Oracle...

Configuring host-level audit logging for AKS VMSS

This blog post runs you through how to enable and configure Linux audit logging on your Azure Kubernetes Service AKS Virtual Machine Scale Set VMSS using the Linux auditing subsystem, also known as auditd. Warning The information provided below is accurate as of the release date of this blog post...

SUSE CVE-2015-5186

Audit before 2.4.4 in Linux does not sanitize escape characters in filenames...

Vulners Linux Audit API for Host Vulnerability Detection: Manual Auditing, Python Scripting and Licensing

Hello everyone! This episode will be about Vulners Linux Audit API, which allows you to detect vulnerabilities on a Linux host knowing only the OS version and installed packages. I had a similar post about this 4 years ago, but some details have changed, so I came back to this topic. Manual Audit...

Linux: Read /etc/audit/audit.rules (KB)

audit.rules is a file containing audit rules that will be loaded by the audit daemons init script whenever the daemon is started. The auditctl program is used by the initscripts to perform this operation. The syntax for the rules is essentially the same as when typing in an auditctl command at a...

libreswan security and bug fix update

3.29-6.0.1 - Add libreswan-oracle.patch to detect Oracle Linux distro 3.29-6 - Resolves: rhbz1714331 support NSS based IKE KDFs require updated nss for rhbz 1738689, memleak fix 3.29-5 - Resolves: rhbz1714331 support NSS based IKE KDFs so libreswan does not need FIPS certification 3.29-4 -...

NewStart CGSL MAIN 4.05 : openssh-latest Multiple Vulnerabilities (NS-SA-2019-0146)

The remote NewStart CGSL host, running version MAIN 4.05, has openssh-latest packages installed that are affected by multiple vulnerabilities: - scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice...

UBUNTU-CVE-2015-5186

Audit before 2.4.4 in Linux does not sanitize escape characters in filenames...

CVE-2015-5186

Audit before 2.4.4 in Linux does not sanitize escape characters in filenames...

Linux Audit '/auparse/auparse.c' Security Bypass Vulnerability

Linux Audit is a set of graphical tools for viewing audit logs of Linux systems. A security bypass vulnerability exists in Linux Audit. An attacker could exploit this vulnerability to bypass security restrictions and perform unauthorized operations...

Oracle Linux 4 : kernel (ELSA-2008-0167)

From Red Hat Security Advisory 2008:0167 : Updated kernel packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kernel packages contain t...

Gentoo Security Advisory GLSA 200807-14 (audit)

The remote host is missing updates announced in advisory GLSA 200807-14. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200807-14 (audit)

The remote host is missing updates announced in advisory GLSA 200807-14. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-200807-14 : Linux Audit: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-200807-14 Linux Audit: Buffer overflow A stack-based buffer overflow has been reported in the auditlogusercommand function in the file lib/auditlogging.c when processing overly long arguments. Impact : A local attacker could execu...

Linux Audit: Buffer overflow

Background Linux Audit is a set of userspace utilities for storing and processing auditing records. Description A stack-based buffer overflow has been reported in the auditlogusercommand function in the file lib/auditlogging.c when processing overly long arguments. Impact A local attacker could...

Linux Audit守护程序audit_log_user_command()本地栈溢出漏洞

BUGTRAQ ID: 28524 Linux Audit是用于查看Linux系统审计日志的图形工具。 Linux Audit的lib/auditlogging.c文件中的auditlogusercommand函数存在栈溢出漏洞，如果本地用户向该函数传送了超长的command参数的话，就可以触发这个溢出，导致以使用libaudit应用的权限执行任意指令。 Linux Audit Linux Audit 1.6.9 Linux Audit ----------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Stack overflow

Stack-based buffer overflow in the auditlogusercommand function in lib/auditlogging.c in Linux Audit before 1.7 might allow remote attackers to execute arbitrary code via a long command argument. NOTE: some of these details are obtained from third party information...

CVE-2008-1628

Stack-based buffer overflow in the auditlogusercommand function in lib/auditlogging.c in Linux Audit before 1.7 might allow remote attackers to execute arbitrary code via a long command argument. NOTE: some of these details are obtained from third party information...