Fedora 15 : syslog-ng-3.2.4-3.fc15 (2011-7176)

Fixes a PCRE-bug, cf. http://www.securityfocus.com/bid/47800 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

CVE-2011-1854

Use-after-free vulnerability in HP Intelligent Management Center IMC 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long syslog packet, related to an exception handler...

CVE-2011-1854

CVE-2011-1854 is an HP IMC 5.0 vulnerability (before E0101L02) in the imcsyslogdm.exe component, where processing oversized syslog packets triggers a use-after-free and remote code execution. The issue is documented by multiple sources (NVD entry, Red Hat advisory, Nessus plugin HP_IMC_MULTIPLE_C...

CVE-2011-1854

Use-after-free vulnerability in HP Intelligent Management Center IMC 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long syslog packet, related to an exception handler...

kernel security and bug fix update

2.6.32-71.24.1.el6 - fs Revert 'fs inotify: stop kernel memory leak on file creation failure' Eric Paris 656831 656832 CVE-2010-4250 2.6.32-71.23.1.el6 - x86 Revert 'x86 mtrr: Assume SYSCFGTom2ForceMemTypeWB exists on all future AMD CPUs' Frank Arnold 683813 652208 2.6.32-71.22.1.el6 - rebuild...

SAP Management Console ABAP Syslog Disclosure

This module simply attempts to extract the ABAP syslog through the SAP Management Console SOAP Interface. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Management Console ABAP Syslog...

SAP Management Console Extract Users

This module simply attempts to extract SAP users from the ABAP Syslog through the SAP Management Console SOAP Interface. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Management Console...

CVE-2011-0343

Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions 07777, which allows local users to read and write to these log files...

CVE-2011-0343

Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions 07777, which allows local users to read and write to these log files...

DEBIAN-CVE-2011-0343

Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions 07777, which allows local users to read and write to these log files...

Design/Logic Flaw

Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions 07777, which allows local users to read and write to these log files...

CVE-2011-0343

Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions 07777, which allows local users to read and write to these log files...

CVE-2011-0343

CVE-2011-0343 affects Balabit syslog-ng versions 2.0, 3.0, 3.1, and 3.2 (OSE and PE) when running on FreeBSD or HP-UX . The root cause is improper cast operations that cause syslog-ng to use a default value of -1 to name log files, resulting in insecure permissions (07777) and enabling local user...

CVE-2011-0343

Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions 07777, which allows local users to read and write to these log files...

CVE-2011-0343

Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions 07777, which allows local users to read and write to these log files...

syslog-ng wrong file permission vulnerability

========================================================================== syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE = Information leak, access prevention and possible priviledge escalation CVE-2011-0343 ========================================================================== 1. OVERVIEW Versions...

syslog-ng weak permissions

On some platforms syslog files are created with 07777 permissions...

CVE-2009-5037

Cisco Adaptive Security Appliances ASA 5500 series devices with software before 8.23 allow remote attackers to cause a denial of service ASDM syslog outage via a long URL, aka Bug IDs CSCsm11264 and CSCtb92911...

CVE-2009-5037

Cisco Adaptive Security Appliances ASA 5500 series devices with software before 8.23 allow remote attackers to cause a denial of service ASDM syslog outage via a long URL, aka Bug IDs CSCsm11264 and CSCtb92911...

PT-2011-1308 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA 5500 series devices versions prior to 8.23 Description: The issue allows remote attackers to cause a denial of service, specifically an ASDM syslog outage, by sending a long URL. Recommendations: For...