Insertion of Sensitive Information into Log

Impact If successful login attempts are recorded, the raw tokens are stored in the log table. If a malicious person somehow views the data in the log table, he or she can obtain a raw token, which can then be used to send a request with that user's authority. When you 1 use the following...

The vulnerability of the “Red Database” database management system lies in the improper recording of security events, allowing attackers to conceal the source or nature of an attack.

The vulnerability of the “Red Database” database management system is related to incorrect recording of security events when attempting to create or open logs for recording registered events in the journal. Exploiting this vulnerability can allow an attacker to complicate the analysis of audit...

Cowrie - SSH Honeypot

Cowrie is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker. Cowrie is directly based on Kippo by Upi Tamminen desaster. Features Some interesting features: Fake filesystem with the ability to...

Apache, IIS and other http servers allow by sending a carriage return character forged log-vulnerability warning-the black bar safety net

Description: The majority of the http server receives contains%0d%0a the request resolves to a carriage return and in the log wraps, the use of this A feature can be falsification of logs. Details: Most http servers support-such as%0 0 encoding of request, the main purpose is to provide reliable...