Lucene search
+L

140 matches found

ptsecurity
ptsecurity
added 2020/01/30 12:0 a.m.7 views

PT-2020-20148 · Trend Micro · Ossec-Hids

Name of the Vulnerable Software and Affected Versions: OSSEC-HIDS versions 2.7 through 3.5.0 Description: The issue affects the server component responsible for log analysis, ossec-analysisd, which is vulnerable to a denial of service due to a NULL pointer dereference. This can be triggered by...

5.5CVSS5.3AI score0.00492EPSS
Exploits2References7
ptsecurity
ptsecurity
added 2020/01/30 12:0 a.m.5 views

PT-2020-20142 · Trend Micro · Ossec-Hids

Name of the Vulnerable Software and Affected Versions: OSSEC-HIDS versions 2.7 through 3.5.0 Description: The server component responsible for log analysis, ossec-analysisd, is vulnerable to a heap-based buffer overflow in the rootcheck decoder component via an authenticated client...

8.8CVSS8.7AI score0.02385EPSS
Exploits2References7
ptsecurity
ptsecurity
added 2020/01/30 12:0 a.m.5 views

PT-2020-20146 · Trend Micro · Ossec-Hids

Name of the Vulnerable Software and Affected Versions: OSSEC-HIDS versions 2.7 through 3.5.0 Description: The server component responsible for log analysis, ossec-analysisd, is vulnerable to path traversal with write access via crafted syscheck messages written directly to the analysisd UNIX doma...

5.5CVSS5.4AI score0.00504EPSS
Exploits2References7
ptsecurity
ptsecurity
added 2020/01/30 12:0 a.m.5 views

PT-2020-20145 · Trend Micro · Ossec-Hids

Name of the Vulnerable Software and Affected Versions: OSSEC-HIDS versions 2.7 through 3.5.0 Description: The issue arises from the OS CleanMSG function in ossec-analysisd, which fails to remove or encode terminal control characters or newlines from processed log messages. This can lead to the...

10CVSS9.6AI score0.02277EPSS
Exploits1References7
githubexploit
githubexploit
added 2020/01/15 9:2 p.m.8 views

OSSEC-HIDS Security Audit Findings

Hi folks, I spent some free time recently auditing OSSEC. I w...

10CVSS7.2AI score0.02685EPSS
Exploits7
taosecurity
taosecurity
added 2019/03/28 8:40 p.m.66 views

Thoughts on OSSEC Con 2019

Last week I attended my first OSSEC conference. I first blogged about OSSEC in 2007, and wrote other posts about it in the following years. OSSEC is a host-based intrusion detection and log analysis system with correlation and active response features. It is cross-platform, such that I can run it...

7.1AI score
Exploits0
openvas
openvas
added 2019/02/09 12:0 a.m.713 views

Unprotected OSSEC/Wazuh ossec-authd (authd Protocol)

The remote OSSEC/Wazuh ossec-authd service is not protected by password authentication or client certificate verification. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7.4AI score
Exploits0
openvas
openvas
added 2019/02/09 12:0 a.m.163 views

OSSEC/Wazuh ossec-authd Service Detection (TCP)

TCP based detection of a OSSEC/Wazuh ossec-authd service. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3AI score
Exploits0References1
osv
osv
added 2018/11/29 8:29 a.m.13 views

CVE-2018-19666

The agent in OSSEC through 3.1.0 on Windows allows local users to gain NT AUTHORITY\SYSTEM access via Directory Traversal by leveraging full access to the associated OSSEC server...

7.8CVSS6.9AI score
Exploits0References1
nvd
nvd
added 2018/11/29 8:29 a.m.16 views

CVE-2018-19666

The agent in OSSEC through 3.1.0 on Windows allows local users to gain NT AUTHORITY\SYSTEM access via Directory Traversal by leveraging full access to the associated OSSEC server...

7.8CVSS7.7AI score0.00784EPSS
Exploits1References1
prion
prion
added 2018/11/29 8:29 a.m.14 views

Directory traversal

The agent in OSSEC through 3.1.0 on Windows allows local users to gain NT AUTHORITY\SYSTEM access via Directory Traversal by leveraging full access to the associated OSSEC server...

7.2CVSS7.6AI score0.00784EPSS
Exploits1References1Affected Software2
cvelist
cvelist
added 2018/11/29 7:0 a.m.21 views

CVE-2018-19666

The agent in OSSEC through 3.1.0 on Windows allows local users to gain NT AUTHORITY\SYSTEM access via Directory Traversal by leveraging full access to the associated OSSEC server...

7.7AI score0.00784EPSS
Exploits1References1
cve
cve
added 2018/11/29 7:0 a.m.52 views

CVE-2018-19666

OSSEC OSSEC agent for Windows (version 3.1.0) is affected. A directory traversal flaw allows a local user with full access to the OSSEC server to escalate to NT AUTHORITY\SYSTEM. The issue is identified as CVE-2018-19666 across multiple feeds. Exploitation status is not detailed in the provided d...

7.8CVSS7.6AI score0.00784EPSS
Exploits1References1Affected Software1
n0where
n0where
added 2018/08/28 5:27 p.m.278 views

Open Source Host & Endpoint Security: Wazuh

Wazuh is a security detection, visibility, and compliance open source project. It was born as a fork of OSSEC HIDS, later was integrated with Elastic Stack and OpenSCAP evolving into a more comprehensive solution. Wazuh helps you to gain deeper security visibility into your infrastructure by...

0.1AI score
Exploits0References2
kitploit
kitploit
added 2018/07/04 1:37 p.m.29 views

ProbeManager - Centralize Management Of Intrusion Detection System Like Suricata, Bro, Ossec...

It is common to see that many IDS intrusion and detection system, including the software and its rules are not updated regularly. This can be explained by the fact the software and rule management is often complicated, which can be a particular problem for small and medium sized enterprises that...

7.2AI score
Exploits0References3
kitploit
kitploit
added 2018/04/05 1:3 p.m.53 views

Security Onion - Linux Distro For IDS, NSM, And Log Management

Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, OSSEC, Sguil, Squert, NetworkMiner, and many other security tools. The easy-to-use Setup wiza...

7.3AI score
Exploits0References4
threatpost
threatpost
added 2018/03/19 6:16 p.m.10 views

Researchers Show How Popular Text Editors Can Be Attacked Via Third-Party Plugins

Security risks in popular extensible text editors allow hackers to abuse plugins and escalate privileges on targeted systems, according to new research from SafeBreach. Inadequate separation of regular and elevated access modes used in editors and a lack of folder permissions integrity allow...

0.8AI score
Exploits0References8
kitploit
kitploit
added 2017/12/16 8:35 p.m.149 views

Wazuh - Open Source Host and Endpoint Security

Wazuh helps you to gain deeper security visibility into your infrastructure by monitoring hosts at an operating system and application level. This solution, based on lightweight multi-platform agents, provides the following capabilities: Log management and analysis: Wazuh agents read operating...

7.5AI score
Exploits0References4
nvd
nvd
added 2017/09/07 8:29 p.m.31 views

CVE-2015-3222

syscheck/seechanges.c in OSSEC 2.7 through 2.8.1 on NIX systems allows local users to execute arbitrary code as root...

7CVSS7AI score0.01991EPSS
Exploits4References4
prion
prion
added 2017/09/07 8:29 p.m.10 views

Code injection

syscheck/seechanges.c in OSSEC 2.7 through 2.8.1 on NIX systems allows local users to execute arbitrary code as root...

6.9CVSS7.6AI score0.01991EPSS
Exploits4References4Affected Software1
Rows per page
Query Builder