1636 matches found

Citrix
added 2023/09/13 12:0 a.m., 4 views

[NetScaler-Syslog] HA Secondary node Cannot Transmit Syslog Messages in TCP

NetScaler supports reporting syslog messages to an external syslog server. In an HA deployment, however, you may observe that the HA Secondary node doesn't send syslog messages while the Primary works correctly if "Transport Type" is TCP. Configuring it as UDP has no issue...

AI score 7
Exploits 0
Photon
added 2023/09/13 12:0 a.m., 30 views

Important Photon OS Security Update - PHSA-2023-5.0-0093

Updates of 'python3', 'apache-tomcat', 'redis', 'syslog-ng', 'openvswitch' packages of Photon OS have been released...

CVSS 7.5, AI score 7, EPSS 0.04916
Exploits 4
Citrix
added 2023/08/24 12:0 a.m., 6 views

syslog configuration on NetScaler only sends var/log/ns.log to outside syslog server.

...

AI score 7.2
Exploits 0
Zero Day Initiative
added 2023/08/21 12:0 a.m., 28 views

SonicWALL GMS Virtual Appliance Syslog Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SonicWALL GMS Virtual Appliance. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

CVSS 8.8, AI score 7.5, EPSS 0.31365
Exploits 0, References 1
CNNVD
added 2023/07/31 12:0 a.m., 0 views

Webmin Cross-Site Scripting Vulnerability

Webmin is a set of Web-based system administration tools for Unix-like operating systems from the Webmin community. A security vulnerability exists in Webmin version 2.021 that stems from a stored cross-site scripting (XSS) vulnerability discovered in the syslog viewer feature. The vulnerability...

CVSS 5.4, AI score 5.6, EPSS 0.00225
Exploits 1, References 3
GithubExploit
added 2023/07/25 1:36 a.m., 716 views

Exploit for Use of Externally-Controlled Format String in Asus Rt-Ac86U_Firmware

CVE-2023-35086-POC July 25 2023, Altin tin-z, github.com/t...

CVSS 7.2, AI score 9.5, EPSS 0.75886
Exploits 1
Tenable Nessus
added 2023/07/12 12:0 a.m., 20 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.6.2.6)

The version of AOS installed on the remote host is prior to 6.6.2.6. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.6.2.6 advisory. - Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in...

CVSS 8.1, AI score 7.6, EPSS 0.00509
Exploits 0, References 3
NVD
added 2023/07/11 3:15 a.m., 9 views

CVE-2023-36924

While using a specific function, SAP ERP Defense Forces and Public Security - versions 600, 603, 604, 605, 616, 617, 618, 802, 803, 804, 805, 806, 807, allows an authenticated attacker with admin privileges to write arbitrary data to the syslog file. On successful exploitation, an attacker could...

CVSS 4.9, AI score 5.1, EPSS 0.00139
Exploits 0, References 2
OSV
added 2023/07/11 3:15 a.m., 0 views

CVE-2023-36924

While using a specific function, SAP ERP Defense Forces and Public Security - versions 600, 603, 604, 605, 616, 617, 618, 802, 803, 804, 805, 806, 807, allows an authenticated attacker with admin privileges to write arbitrary data to the syslog file. On successful exploitation, an attacker could...

CVSS 4.9, AI score 5.9, EPSS 0.00139
Exploits 0, References 2
Prion
added 2023/07/11 3:15 a.m., 12 views

Design/Logic Flaw

While using a specific function, SAP ERP Defense Forces and Public Security - versions 600, 603, 604, 605, 616, 617, 618, 802, 803, 804, 805, 806, 807, allows an authenticated attacker with admin privileges to write arbitrary data to the syslog file. On successful exploitation, an attacker could...

CVSS 3.3, AI score 5.2, EPSS 0.00139
Exploits 0, References 2, Affected Software 1
Cvelist
added 2023/07/11 2:57 a.m., 14 views

CVE-2023-36924 Log Injection vulnerability in SAP ERP Defense Forces and Public Security

While using a specific function, SAP ERP Defense Forces and Public Security - versions 600, 603, 604, 605, 616, 617, 618, 802, 803, 804, 805, 806, 807, allows an authenticated attacker with admin privileges to write arbitrary data to the syslog file. On successful exploitation, an attacker could...

CVSS 4.9, AI score 5.4, EPSS 0.00139
Exploits 0, References 2
CVE
added 2023/07/11 2:57 a.m., 34 views

CVE-2023-36924

CVE-2023-36924 affects SAP ERP Defense Forces and Public Security, versions 600–807. The root cause is improper handling of log output allowing an authenticated admin to write arbitrary data to the syslog file, potentially altering all syslog data and compromising application integrity. Affected ...

CVSS 4.9, AI score 5.1, EPSS 0.00139
Exploits 0, References 2, Affected Software 1
Vulnrichment
added 2023/07/11 2:57 a.m., 13 views

CVE-2023-36924 Log Injection vulnerability in SAP ERP Defense Forces and Public Security

While using a specific function, SAP ERP Defense Forces and Public Security - versions 600, 603, 604, 605, 616, 617, 618, 802, 803, 804, 805, 806, 807, allows an authenticated attacker with admin privileges to write arbitrary data to the syslog file. On successful exploitation, an attacker could...

CVSS 4.9, AI score 6.8, EPSS 0.00139
Exploits 0, References 2
Positive Technologies
added 2023/07/10 12:0 a.m., 2 views

PT-2023-4139 · Sap · Sap Erp Defense Forces/Public Security

Name of the Vulnerable Software and Affected Versions: SAP ERP Defense Forces and Public Security versions 600 through 807
Description: The issue is related to improper handling of log output, which can be exploited by a remote attacker to overwrite arbitrary files. When using a specific function...

CVSS 6.1, AI score 5.1, EPSS 0.00139
Exploits 0, References 5
Veracode
added 2023/06/27 5:38 a.m., 14 views

Password Disclosure

cloudfoundry is vulnerable to Password Disclosure. The vulnerability exists when kernel audit logging is enabled, which logs every command run on a VM, causing authentication commands of the form cf auth --client-credentials USERNAME PASSWORD to be logged in plaintext to syslog, allowing an...

CVSS 6.5, AI score 7.1, EPSS 0.00243
Exploits 0, References 5, Affected Software 3
Broadcom
added 2023/06/13 12:0 a.m., 34 views

An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service

An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected...

CVSS 7.5, AI score 7.5, EPSS 0.04916
Exploits 0
ATTACKERKB
added 2023/05/19 3:15 p.m., 0 views

CVE-2023-20881

Cloud Foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users' syslog drain credentials if they're aware of the client certificate used for that syslog drain. This applies even if the drain has zero certs. This would allow the user ...

CVSS 8.1, AI score 7.1, EPSS 0.0027
Exploits 0, References 2
NVD
added 2023/05/19 3:15 p.m., 7 views

CVE-2023-20881

Cloud Foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users' syslog drain credentials if they're aware of the client certificate used for that syslog drain. This applies even if the drain has zero certs. This would allow the user ...

CVSS 8.1, AI score 8.1, EPSS 0.0027
Exploits 0, References 1
Positive Technologies
added 2023/05/19 12:0 a.m., 2 views

PT-2023-17685 · Unknown · Loggregator-Agent +1

Name of the Vulnerable Software and Affected Versions: Cloud Foundry versions 1.140 through 1.152.0; loggregator-agent version 7 and later
Description: The issue allows users to override other users' syslog drain credentials if they are aware of the client certificate used for that syslog drain...

CVSS 8.1, AI score 7.2, EPSS 0.0027
Exploits 0, References 3
Vulnrichment
added 2023/05/19 12:0 a.m., 7 views

CVE-2023-20881

Cloud Foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users' syslog drain credentials if they're aware of the client certificate used for that syslog drain. This applies even if the drain has zero certs. This would allow the user ...

AI score 7.1, EPSS 0.0027
Exploits 0, References 1