CVE-2022-34571

An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the system key information and execute arbitrary commands via accessing the page syslog.shtml...

Design/Logic Flaw

An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers to obtain the system key information and execute arbitrary commands via accessing the page syslog.shtml...

PT-2022-22210 · Wavlink · Wavlink Wifi-Repeater Rpta2-77W

Name of the Vulnerable Software and Affected Versions: Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 Description: An access control issue allows attackers to obtain system key information and execute arbitrary commands by accessing the page "syslog.shtml". Recommendations: For Wavlink...

WAVLINK WiFi-Repeater 安全漏洞

WAVLINK WiFi-Repeater is a WiFi range extender from China RuiYin Technology WAVLINK. A security vulnerability exists in WAVLINK WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 version. An attacker can exploit the vulnerability to obtain system key information and execute arbitrary commands by...

EulerOS Virtualization 2.10.0 : rsyslog (EulerOS-SA-2022-2101)

According to the versions of the rsyslog package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when...

EulerOS Virtualization 2.10.1 : rsyslog (EulerOS-SA-2022-2121)

According to the versions of the rsyslog package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when...

CVE-2022-32294

Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-login randomly created password from the "zmprove ca" command. It is visible in cleartext on port UDP 514 aka the syslog port. NOTE: a third party reports that this cannot be reproduced...

CVE-2022-32294

Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-login randomly created password from the "zmprove ca" command. It is visible in cleartext on port UDP 514 aka the syslog port. NOTE: a third party reports that this cannot be reproduced...

Design/Logic Flaw

DISPUTED Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-login randomly created password from the "zmprove ca" command. It is visible in cleartext on port UDP 514 aka the syslog port. NOTE: a third party reports that this cannot be reproduced...

PT-2022-21212 · Zimbra · Zimbra Collaboration Open Source

Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration Open Source version 8.8.15 Description: The issue concerns the lack of encryption for the initial-login randomly created password, which is generated by the zmprove ca command. This password is visible in cleartext on por...

CVE-2022-32294

Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-login randomly created password from the "zmprove ca" command. It is visible in cleartext on port UDP 514 aka the syslog port. NOTE: a third party reports that this cannot be reproduced...

CVE-2022-32294

The connected sources confirm a vulnerability in Zimbra Collaboration Open Source 8.8.15 where the initial-login randomly created password (generated by the zmprove ca command) is not encrypted and is visible in cleartext on UDP port 514 (syslog). Root cause described as lack of encryption for th...

Zimbra Collaboration Suite 安全漏洞

Zimbra Collaboration Suite ZCS is an open source collaboration suite from Zimbra in the United States. The product includes WebMail, Calendar, Address Book and more. A security vulnerability exists in Zimbra Collaboration Suite version 8.8.15, which stems from not encrypting a randomly created...

SUSE-SU-2022:2333-1 Security update for rsyslog

This update for rsyslog fixes the following issues: - CVE-2022-24903: Fixed potential heap buffer overflow in modules for TCP syslog reception bsc1199061...

SUSE SLES12 Security Update : rsyslog (SUSE-SU-2022:2314-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2314-1 advisory. - Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when...

SUSE: Security Advisory (SUSE-SU-2022:2331-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : rsyslog (EulerOS-SA-2022-1979)

According to the versions of the rsyslog package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted...

SUSE-SU-2022:2331-1 Security update for rsyslog

This update for rsyslog fixes the following issues: - CVE-2022-24903: fix potential heap buffer overflow in modules for TCP syslog reception bsc1199061...

Oracle Linux 9 : rsyslog (ELSA-2022-4795)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-4795 advisory. 8.2102.0-101.1 - Address CVE-2022-24903, Heap-based overflow in TCP syslog server resolves: rhbz2081402 Tenable has extracted the preceding description block...

rsyslog security update

8.2102.0-101.1 - Address CVE-2022-24903, Heap-based overflow in TCP syslog server resolves: rhbz2081402...