glibc syslog() Heap-Based Buffer Overflow Exploit

Qualys discovered a heap-based buffer overflow in the GNU C Library's vsysloginternal function, which is called by both syslog and vsyslog. This vulnerability was introduced in glibc 2.37 in August 2022. CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog...

CVE-2023-6779

An off-by-one heap-based buffer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INTMAX bytes, leading to an incorrect calculation of t...

glibc syslog() Heap-Based Buffer Overflow

Qualys Security Advisory CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog ======================================================================== Contents ======================================================================== Summary Analysis Proof of concept Exploitation...

CVE-2023-6780

An integer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message,...

Qualys TRU Discovers Important Vulnerabilities in GNU C Library’s syslog()

The Qualys Threat Research Unit TRU has recently unearthed four significant vulnerabilities in the GNU C Library, a cornerstone for countless applications in the Linux environment. Before diving into the specific details of the vulnerabilities discovered by the Qualys Threat Research Unit in the...

Motorola MR2600 Command Injection Vulnerability

The Motorola MR2600 is a wireless router from Motorola, Inc. A security vulnerability exists in the Motorola MR2600 due to a command injection vulnerability in the "SaveSysLogParams" parameter...

GitHub: Management Console Editor Privilege Escalation to Root SSH Access in GitHub Enterprise Server via RCE in syslog-ng

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the syslog-ng configuration file. This vulnerability affected all versions of GitHub Enterprise Server...

CVE-2024-0541

A vulnerability was found in Tenda W9 1.0.0.74456. It has been declared as critical. Affected by this vulnerability is the function formAddSysLogRule of the component httpd. The manipulation of the argument sysRulenEn leads to stack-based buffer overflow. The attack can be launched remotely. The...

NewStart CGSL MAIN 6.02 : rsyslog Vulnerability (NS-SA-2023-0075)

The remote NewStart CGSL host, running version MAIN 6.02, has rsyslog packages installed that are affected by a vulnerability: - Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can...

CVE-2023-28616

An issue was discovered in Stormshield Network Security SNS before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in cleartext, and potentially sends...

CVE-2023-28616

An issue was discovered in Stormshield Network Security SNS before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in cleartext, and potentially sends...

CVE-2023-28616

An issue was discovered in Stormshield Network Security SNS before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in cleartext, and potentially sends...

Code injection

An issue was discovered in Stormshield Network Security SNS before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in cleartext, and potentially sends...

CVE-2023-28616

An issue was discovered in Stormshield Network Security SNS before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in cleartext, and potentially sends...

Stormshield Network Security Security Vulnerabilities

Stormshield Network Security is a next-generation UTM Unified Threat Management firewall from Stormshield France. A security vulnerability exists in Stormshield Network Security SNS versions prior to 4.3.17, prior to 4.6.4, and prior to 4.7.1, which originates when the serverd process logs...

CVE-2023-28616

Stormshield Network Security (SNS) is affected by CVE-2023-28616 in versions before 4.3.17, 4.4.x–4.6.x before 4.6.4, and 4.7.x before 4.7.1. The issue concerns user passwords containing an equals sign or space character; the serverd process logs such passwords in cleartext and may forward these ...

PT-2023-21849 · Stormshield · Stormshield Network Security

Name of the Vulnerable Software and Affected Versions: Stormshield Network Security SNS versions 4.3.x through 4.3.16 Stormshield Network Security SNS versions 4.4.x through 4.6.x before 4.6.4 Stormshield Network Security SNS versions 4.7.x before 4.7.1 Description: The issue affects user account...

CVE-2022-38725 affecting package syslog-ng for versions less than 3.33.2-7

CVE-2022-38725 affecting package syslog-ng for versions less than 3.33.2-7. A patched version of the package is available...

How to Configure Advanced Syslog Integration Options

Purpose This article documents advanced configuration options for syslog integration with Veeam Backup & Replication, a new feature starting in version 12.1. Solution The following advanced configuration options are available: Add BOM Before MSG Field Add the Unicode byte order mask BOM before th...

Important Photon OS Security Update - PHSA-2023-3.0-0693

Updates of 'runc', 'syslog-ng' packages of Photon OS have been released...