1638 matches found
kernel: call_console_drivers() function log prefix stripping DoS
The logprefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service buffer overflow and system crash by leveraging /dev/kmsg write access and triggering a...
DEBIAN-CVE-2013-1772
The logprefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service buffer overflow and system crash by leveraging /dev/kmsg write access and triggering a...
CVE-2013-1772
The logprefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service buffer overflow and system crash by leveraging /dev/kmsg write access and triggering a...
CVE-2013-1772
CVE-2013-1772 affects the Linux kernel 3.x prior to 3.4.33. The vulnerability stems from the log_prefix function in kernel/printk.c, which fails to correctly remove a prefix from the syslog header, enabling a local attacker with /dev/kmsg write access to trigger call_console_drivers and cause a d...
CVE-2013-1772
The logprefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service buffer overflow and system crash by leveraging /dev/kmsg write access and triggering a...
UBUNTU-CVE-2013-1772
The logprefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service buffer overflow and system crash by leveraging /dev/kmsg write access and triggering a...
CVE-2013-1772
The logprefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service buffer overflow and system crash by leveraging /dev/kmsg write access and triggering a...
Enterasys NetSight nssyslogd.exe Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Enterasys NetSight nssyslogd.exe Buff...
Enterasys NetSight nssyslogd.exe Buffer Overflow Vulnerability
Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...
Enterasys NetSight nssyslogd.exe Buffer Overflow
This module exploits a stack buffer overflow in Enterasys NetSight. The vulnerability exists in the Syslog service nssylogd.exe when parsing a specially crafted PRIO from a syslog message. The module has been tested successfully on Enterasys NetSight 4.0.1.34 over Windows XP SP3 and Windows 2003...
CVE-2010-2387
vicious-extensions/ve-misc.c in GNOME Display Manager gdm 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog logs...
Design/Logic Flaw
vicious-extensions/ve-misc.c in GNOME Display Manager gdm 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog logs...
CVE-2010-2387
vicious-extensions/ve-misc.c in GNOME Display Manager gdm 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog logs...
Leave information on scanned hosts
This routine stores information about the scan on the scanned host, provided it is a unixoid system offering ssh access with a standard shell. The information cover hostname, scan start time and scan end time. No details about the actual scan results are stored on the scanned host. By default, th...
CVE-2011-5227
Stack-based buffer overflow in the Syslog service nssyslogd.exe in Enterasys Network Management Suite NMS before 4.1.0.80 allows remote attackers to execute arbitrary code via a long PRIO field in a message to UDP port 514...
Stack overflow
Stack-based buffer overflow in the Syslog service nssyslogd.exe in Enterasys Network Management Suite NMS before 4.1.0.80 allows remote attackers to execute arbitrary code via a long PRIO field in a message to UDP port 514...
CVE-2011-5227
Enterasys NetSight (NMS) Syslog service nssyslogd.exe has a stack-based buffer overflow vulnerability exploitable via a crafted PRIO field in UDP traffic to port 514, affecting versions before 4.1.0.80 and allowing remote code execution. Public references and PoC/exploit modules (e.g., Metasploit...
CVE-2011-5227
Stack-based buffer overflow in the Syslog service nssyslogd.exe in Enterasys Network Management Suite NMS before 4.1.0.80 allows remote attackers to execute arbitrary code via a long PRIO field in a message to UDP port 514...
LogAnalyzer Detection
The remote web server hosts Adiscon LogAnalyzer, a monitoring application used to view Syslog messages and Windows Events via a web interface written in PHP. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid62122; scriptversion"1.4";...
CVE-2012-4889
Multiple cross-site scripting XSS vulnerabilities in ManageEngine Firewall Analyzer 7.2 allow remote attackers to inject arbitrary web script or HTML via the 1 subTab or 2 tab parameter to createAnomaly.do; 3 url, 4 subTab, or 5 tab parameter to mindex.do; 6 tab parameter to index2.do; or 7 port...