EulerOS Virtualization 2.5.4 : systemd (EulerOS-SA-2019-1233)

According to the versions of the systemd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in...

openSUSE Security Update : systemd (openSUSE-2019-909)

This update for systemd fixes the following issues : Security issues fixed : - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. bsc1113632 - CVE-2018-15686: A vulnerability in...

openSUSE Security Update : amavisd-new (openSUSE-2019-297)

This update for amavisd-new fixes the following issues : Security issue fixed : - CVE-2016-1238: Workedaround a perl vulnerability by removing a trailing dot element from @INCbsc987887. Other issues addressed : - update to version 2.11.1 bsc1123389. - amavis-services: bumping up syslog level from...

Security update for amavisd-new (moderate)

openSUSE Security Update: Security update for amavisd-new Announcement ID: openSUSE-SU-2019:0297-1 Rating: moderate References: 1123389 987887 Cross-References: CVE-2016-1238 Affected Products: openSUSE Leap 15.0 An update that solves one vulnerability and has one errata is now available...

SUSE-SU-2019:0505-1 Security update for amavisd-new

This update for amavisd-new fixes the following issues: wmavisd-new was updated to version 2.11.1 bsc1123389: removed a trailing dot element from @INC, as a workaround for a perl vulnerability CVE-2016-1238 bsc987887 amavis-services: bumping up syslog level from LOGNOTICE to LOGERR for a message...

SUSE SLED15 / SLES15 Security Update : amavisd-new (SUSE-SU-2019:0505-1)

This update for amavisd-new fixes the following issues : wmavisd-new was updated to version 2.11.1 bsc1123389 : removed a trailing dot element from @INC, as a workaround for a perl vulnerability CVE-2016-1238 bsc987887 amavis-services: bumping up syslog level from LOGNOTICE to LOGERR for a messag...

EulerOS 2.0 SP2 : systemd (EulerOS-SA-2019-1060)

According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling CVE-2018-15688 - systemd: stack overflow when calling syslog from ...

Security Bulletin: IBM Security Guardium is aware of a GnuTLS vulnerability

Summary IBM Security Guardium is aware of the following vulnerabilities Vulnerability Details CVE-2018-10846, CVE-2018-10845, CVE-2018-10844 Affected Products and Versions Affected IBM Security Guardium | Affected Versions ---|--- IBM Security Guardium | 9 - 9.5 IBM Security Guardium | 10 - 10.5...

systemd: stack overflow when calling syslog from a command with long cmdline

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate privileges...

EulerOS 2.0 SP5 : systemd (EulerOS-SA-2019-1045)

According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling CVE-2018-15688 - systemd: stack overflow when calling syslog from ...

systemd: stack overflow when calling syslog from a command with long cmdline

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate privileges...

Important: Red Hat Security Advisory: systemd security update

An update for systemd is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

systemd: stack overflow when calling syslog from a command with long cmdline

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate privileges...

systemd: stack overflow when calling syslog from a command with long cmdline

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate privileges...

Important: Red Hat Security Advisory: systemd security update

An update for systemd is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Fedora 29 : syslog-ng (2019-e818eaa0ac)

Fix for use after free in affiledwreap Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...

[SECURITY] Fedora 29 Update: syslog-ng-3.17.2-2.fc29

syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, message queues, databases SQL and NoSQL alike and more. Key features: receive and send RFC3164 and RFC5424 style syslog messages work with any kind of unstructured data receive and...

Juniper ATP Information Disclosure Vulnerability (CNVD-2019-24380)

Juniper Advanced Threat Prevention ATP is a suite of advanced threat protection platforms from Juniper Networks. The product supports malware detection, file analysis, and malicious IP address and URL blocking. An information disclosure vulnerability exists in Juniper ATP version 5.0.3 prior to...

CVE-2019-0021

On Juniper ATP, secret passphrase CLI inputs, such as "set mcm", are logged to /var/log/syslog in clear text, allowing authenticated local user to be able to view these secret information. This issue affects Juniper ATP 5.0 versions prior to 5.0.4...

Information disclosure

On Juniper ATP, secret passphrase CLI inputs, such as "set mcm", are logged to /var/log/syslog in clear text, allowing authenticated local user to be able to view these secret information. This issue affects Juniper ATP 5.0 versions prior to 5.0.4...