1637 matches found

Positive Technologies
added 2021/07/16 12:0 a.m. · 4 views

PT-2021-14792 · D Link · D-Link Dir-3040

Name of the Vulnerable Software and Affected Versions: D-LINK DIR-3040 version 1.13B03 Description: An information disclosure issue exists in the Syslog functionality. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send an HTTP request to...

CVSS 6.5 · AI score 5.1 · EPSS 0.77185
Exploits: 1 · References: 3

Talos
added 2021/07/15 12:0 a.m. · 81 views

D-LINK DIR-3040 Syslog information disclosure vulnerability

Summary An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability. Tested Versions D-LINK DIR-30...

CVSS 6.5 · AI score 4.8 · EPSS 0.77185
Exploits: 1

Talos
added 2021/07/15 12:0 a.m. · 99 views

D-LINK DIR-3040 Syslog information disclosure vulnerability

Talos Vulnerability Report TALOS-2021-1283 D-LINK DIR-3040 Syslog information disclosure vulnerability July 15, 2021 CVE Number CVE-2021-21818 Summary A hard-coded password vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network...

CVSS 7.5 · AI score 7.5 · EPSS 0.00638
Exploits: 2

Imperva Blog
added 2021/07/07 11:9 a.m. · 173 views

Oracle Auditing Part 2: Mandatory and Fine-Grained Auditing

This is the second of three articles on the topic of Oracle auditing. It is relevant to Oracle 10g, 11g, and 12c, although Unified Auditing in 12c makes some of this content irrelevant if you choose to use Pure Unified Auditing. Unified Auditing will be covered in the third part of this series an...

AI score 7.4
Exploits: 0

AlmaLinux
added 2021/06/29 1:58 p.m. · 13 views

rsyslog bug fix and enhancement update

The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. Bug Fixes and Enhancements: rsyslog fails to execute actions due to having a too lar...

AI score 2.4
Exploits: 0

Rockylinux
added 2021/06/29 1:58 p.m. · 12 views

rsyslog bug fix and enhancement update

An update is available for rsyslog. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It...

AI score 1.9
Exploits: 0

Tenable Nessus
added 2021/06/10 12:0 a.m. · 27 views

SUSE SLES11 Security Update : syslog-ng (SUSE-SU-2020:14369-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2020:14369-1 advisory. - A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of syslog-ng of SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise...

CVSS 7.8 · AI score 7.4 · EPSS 0.00147
Exploits: 1 · References: 4

OpenVAS
added 2021/06/09 12:0 a.m. · 10 views

SUSE: Security Advisory (SUSE-SU-2020:14369-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 · AI score 7.7 · EPSS 0.00147
Exploits: 1 · References: 4

OpenVAS
added 2021/06/09 12:0 a.m. · 13 views

SUSE: Security Advisory (SUSE-SU-2020:1221-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 · AI score 7.7 · EPSS 0.00147
Exploits: 1 · References: 4

IBM Security Bulletins
added 2021/06/02 9:56 p.m. · 91 views

Security Bulletin: Vulnerability in Fabric OS used by IBM b-type SAN directors and switches.

Summary Public disclosed vulnerability from OpenSSL in the Fabric OS used by IBM b-type SAN directors and switches. Vulnerability Details CVEID: CVE-2020-1968 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a Raccoon attack in the TLS specification. B...

CVSS 4.3 · AI score 4.7 · EPSS 0.01042
Exploits: 0 · Affected Software: 1

Oracle linux
added 2021/05/25 12:0 a.m. · 26 views

tigervnc security, bug fix, and enhancement update

1.11.0-6 - Use GNOME as default session Resolves: bz1853608 1.11.0-5 - Make sure we log properly output to journal actually log to syslog Resolves: bz1841537 1.11.0-4 - Make sure we log properly output to journal Resolves: bz1841537 1.11.0-3 - vncserver: ignore new 'session' parameter from the ne...

CVSS 8.1 · AI score 0.8 · EPSS 0.0069
Exploits: 0

OSV
added 2021/04/22 8:15 p.m. · 0 views

CVE-2021-0264

A vulnerability in the processing of traffic matching a firewall filter containing a syslog action in Juniper Networks Junos OS on MX Series with MPC10/MPC11 cards installed, PTX10003 and PTX10008 Series devices, will cause the line card to crash and restart, creating a Denial of Service DoS...

CVSS 7.5 · AI score 5.8 · EPSS 0.00241
Exploits: 0 · References: 2

Cvelist
added 2021/04/22 7:37 p.m. · 18 views

CVE-2021-0264 Junos OS and Junos OS Evolved: MX Series with MPC10/MPC11, PTX10003, PTX10008: Line card may crash and restart when traffic is hitting a firewall filter having a term with syslog action configured

A vulnerability in the processing of traffic matching a firewall filter containing a syslog action in Juniper Networks Junos OS on MX Series with MPC10/MPC11 cards installed, PTX10003 and PTX10008 Series devices, will cause the line card to crash and restart, creating a Denial of Service DoS...

CVSS 5.9 · AI score 7.5 · EPSS 0.00241
Exploits: 0 · References: 2

CVE
added 2021/04/22 7:37 p.m. · 60 views

CVE-2021-0264

CVE-2021-0264 describes a DoS vulnerability in Juniper Networks Junos OS on MX Series with MPC10/MPC11 line cards and PTX10003/PTX10008 devices. When a firewall filter term containing a syslog action is hit (configured on lo0 or a physical interface), the affected line card may crash and restart,...

CVSS 7.5 · AI score 6.4 · EPSS 0.00241
Exploits: 0 · References: 2 · Affected Software: 1

OpenVAS
added 2021/04/19 12:0 a.m. · 25 views

SUSE: Security Advisory (SUSE-SU-2020:3024-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.5 · AI score 7.1 · EPSS 0.0005
Exploits: 1 · References: 8

Packet Storm
added 2021/03/19 12:0 a.m. · 309 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Log Disclosure

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Log Disclosure Vendor: KZ Broadband Technologies, Ltd. | Jaton Technology, Ltd. Product web page: http://www.kzbtech.com | http://www.jatontec.com | https://www.neotel.mk http://www.jatontec.com/products/show.php?itemid=258...

Exploits: 0

NVD
added 2021/03/09 5:15 p.m. · 8 views

CVE-2020-8356

An internal product security audit of LXCO, prior to version 1.2.2, discovered that optional passwords, if specified, for the Syslog and SMTP forwarders are written to an internal LXCO log file in clear text. Affected logs are captured in the First Failure Data Capture FFDC service log. The FFDC...

CVSS 4.9 · EPSS 0.00171
Exploits: 0 · References: 1

Prion
added 2021/03/09 5:15 p.m. · 10 views

Design/Logic Flaw

An internal product security audit of LXCO, prior to version 1.2.2, discovered that optional passwords, if specified, for the Syslog and SMTP forwarders are written to an internal LXCO log file in clear text. Affected logs are captured in the First Failure Data Capture FFDC service log. The FFDC...

CVSS 4 · AI score 5.1 · EPSS 0.00171
Exploits: 0 · References: 1 · Affected Software: 1

CVE
added 2021/03/09 4:15 p.m. · 34 views

CVE-2020-8356

CVE-2020-8356 concerns Lenovo XClarity Orchestrator (LXCO) prior to version 1.2.2. The vulnerability arises because optional passwords for Syslog and SMTP forwarders are written in clear text to an internal LXCO log file; affected logs are captured in the FFDC service log. The FFDC log is generat...

CVSS 4.9 · AI score 5 · EPSS 0.00171
Exploits: 0 · References: 1 · Affected Software: 1

CNVD
added 2021/02/18 12:0 a.m. · 5 views

RACOM M!DGE Information Disclosure Vulnerability

The RACOM M!DGE is a cellular router designed for SCADA and telemetry mission-critical applications and is ideally suited for many different wireless applications. An information disclosure vulnerability exists in the RACOM M!DGE firmware version 4.4.40.105. An attacker can exploit the...

CVSS 5.3 · AI score 6.3 · EPSS 0.00187
Exploits: 0 · References: 1