EUVD-2020-29313

Malware in sbrugna...

OSSEC-HIDS syscheck Message Denial of Service Vulnerability

OSSEC-HIDS is an open source intrusion detection tool. OSSEC-HIDS log analysis component processing syscheck formatted messages has a security vulnerability that allows remote attackers to exploit the vulnerability to submit a special request that can be used for denial-of-service attacks...

CVE-2020-8447

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to a use-after-free during processing of syscheck formatted msgs received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted...

CVE-2020-8447

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to a use-after-free during processing of syscheck formatted msgs received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted...

CVE-2020-8446

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to path traversal with write access via crafted syscheck messages written directly to the analysisd UNIX domain socket by a local user...

CVE-2020-8446

CVE-2020-8446 affects OSSEC-HIDS 2.7–3.5.0. The server component ossec-analysisd is vulnerable to a path traversal with write access, exploitable by a local user through crafted syscheck messages sent to the analysisd UNIX domain socket. Impact: integrity is HIGH, confidentiality and availability...

PT-2020-20146 · Trend Micro · Ossec-Hids

Name of the Vulnerable Software and Affected Versions: OSSEC-HIDS versions 2.7 through 3.5.0 Description: The server component responsible for log analysis, ossec-analysisd, is vulnerable to path traversal with write access via crafted syscheck messages written directly to the analysisd UNIX doma...

PT-2020-20147 · Trend Micro · Ossec-Hids

Name of the Vulnerable Software and Affected Versions: OSSEC-HIDS versions 2.7 through 3.5.0 Description: The server component responsible for log analysis, ossec-analysisd, is vulnerable to a use-after-free during processing of syscheck formatted msgs. These messages are received from...

Researchers Show How Popular Text Editors Can Be Attacked Via Third-Party Plugins

Security risks in popular extensible text editors allow hackers to abuse plugins and escalate privileges on targeted systems, according to new research from SafeBreach. Inadequate separation of regular and elevated access modes used in editors and a lack of folder permissions integrity allow...

Code injection

syscheck/seechanges.c in OSSEC 2.7 through 2.8.1 on NIX systems allows local users to execute arbitrary code as root...

CVE-2015-3222

OSSEC CVE-2015-3222 affects OSSEC 2.7–2.8.1 on UNIX: the syscheck/seechanges.c code uses a shell diff command via system(), enabling a local user to escalate to root by exploiting this differential reporting feature. The issue is addressed in OSSEC 2.8.2 (fixes noted in release and FreeBSD VuXML/...

FreeBSD : security/ossec-hids-* -- root escalation via syscheck feature (c470db07-1098-11e5-b6a8-002590263bf5)

OSSEC reports : The CVE-2015-3222 vulnerability, which allows for root escalation via sys check has been fixed in OSSEC 2.8.2. This issue does not affect agents. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the...

OSSEC 2.8.1 Local Root Escalation

Fix for CVE-2015-3222 which allows for root escalation via syscheck - https://github.com/ossec/ossec-hids/releases/tag/2.8.2 Affected versions: 2.7 - 2.8.1 Beginning is OSSEC 2.7 d88cf1c9 a feature was added to syscheck, which is the daemon that monitors file changes on a system, called...

OSSEC 2.7 2.8.1 - diff Local Privilege Escalation

OSSEC 2.7 2.8.1 - diff Local Privilege Escalation Fix for CVE-2015-3222 which allows for root escalation via syscheck - https://github.com/ossec/ossec-hids/releases/tag/2.8.2 Affected versions: 2.7 - 2.8.1 Beginning is OSSEC 2.7 d88cf1c9 a feature was added to syscheck, which is the daemon that...

OSSEC 2.7 <= 2.8.1 - Local Root Escalation Vulnerability

Exploit for linux platform in category local exploits Fix for CVE-2015-3222 which allows for root escalation via syscheck - https://github.com/ossec/ossec-hids/releases/tag/2.8.2 Affected versions: 2.7 - 2.8.1 Beginning is OSSEC 2.7 d88cf1c9 a feature was added to syscheck, which is the daemon th...

OSSEC 2.7 &lt; 2.8.1 - &#039;diff&#039; Local Privilege Escalation

Fix for CVE-2015-3222 which allows for root escalation via syscheck - https://github.com/ossec/ossec-hids/releases/tag/2.8.2 Affected versions: 2.7 - 2.8.1 Beginning is OSSEC 2.7 d88cf1c9 a feature was added to syscheck, which is the daemon that monitors file changes on a system, called...

Diamondback T4nk encounter pcshare 0 8 1 0 funny profile-vulnerability warning-the black bar safety net

OriginalDiamondback T4nk encounter pcshare 0 8 1 0 funny profile note pcshare 0 8 1 0 pregnancy the whole production process shortcodes column: This“story”is purely entertainment for pacing everyone a laugh: Head give birth to time to secretly"inserted into the"svchosti.e. placenta is assigned a...