CVE-2018-15399

This CVE (CVE-2018-15399) affects Cisco ASA/FTD TCP Syslog: a missing boundary check in the internal function allows an unauthenticated, remote attacker in MITM position to modify syslog TCP segments, exhausting 1550-byte buffers and causing DoS. Impacted features include AnyConnect SSL VPN, clie...

CVE-2018-15399 Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability

A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service DoS condition. The...

CVE-2018-15399 Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability

A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service DoS condition. The...

Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability

A vulnerability in the TCP syslog module of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service DoS condition. The...

PT-2018-3930 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the TCP syslog module could allow an unauthenticated,...

PT-2018-3878 · D Link · D-Link Dir-823G

Name of the Vulnerable Software and Affected Versions: D-Link DIR-823G devices affected versions not specified Description: The issue is related to the lack of authentication in certain components of the D-Link DIR-823G device's firmware, specifically ExportSettings.sh, upload settings.cgi,...

PT-2018-3883 · D Link · D-Link Dir-816 A2

Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10 B05 Description: An issue exists due to the lack of neutralization of special elements used in the command string construction within the handler function of the "/goform/sylogapply" route. This could lead to...

[SECURITY] Fedora 28 Update: rsyslog-8.37.0-1.fc28

Rsyslog is an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control. It is compatible with stock sysklogd and can be used as a drop-in replacement. Rsyslog is simple to set up,...

TP-Link TL-WA850RE Wi-Fi Range Extender Heap Buffer Overflow Vulnerability

TP-Link TL-WA850RE Wi-Fi Range Extender is a wireless network signal extender from China P&L TP-LINK. A heap buffer overflow vulnerability exists in the TP-Link TL-WA850RE Wi-Fi Range Extender using firmware version TL-WA850REv5180228. A remote attacker can exploit this vulnerability to cause a...

Stack overflow

Stack-based buffer overflow in TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote authenticated users to cause a denial of service outage via a long type parameter to /data/syslog.filter.json...

CVE-2018-12693

Stack-based buffer overflow in TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote authenticated users to cause a denial of service outage via a long type parameter to /data/syslog.filter.json...

Multiple Cisco Products Resource Management Error Vulnerability

Cisco Emergency Responder and others are products of Cisco, Inc.Cisco Emergency Responder is a suite of emergency calling software for IP communications systems.Finesse is a next-generation customer collaboration services solution. A resource management error vulnerability exists in the managemen...

Syslog Events Not Recorded on Syslog Page of NetScaler MAS

Syslog events not recorded on syslog messages page of NetScaler MAS...

Fedora 27 : mimedefang (2017-400f199e15)

MIMEDefang 2.81 =============== - Don't barf if the installed version of Sys::Syslog has a developer tag added like 0.3301 on Debian Stretch. - Make mimedefang and mimedefang-multiplexor write their PID files as root to avoid an unprivileged user tampering with the pidfiles. Thanks to Michael...

CVE-2017-16680

Two potential audit log injections in SAP HANA extended application services 1.0, advanced model: 1 Certain HTTP/REST endpoints of controller service are missing user input validation which could allow unprivileged attackers to forge audit log lines. Hence the interpretation of audit log files...

CVE-2017-16680

Two potential audit log injections in SAP HANA extended application services 1.0, advanced model: 1 Certain HTTP/REST endpoints of controller service are missing user input validation which could allow unprivileged attackers to forge audit log lines. Hence the interpretation of audit log files...

Input validation

Two potential audit log injections in SAP HANA extended application services 1.0, advanced model: 1 Certain HTTP/REST endpoints of controller service are missing user input validation which could allow unprivileged attackers to forge audit log lines. Hence the interpretation of audit log files...

CVE-2017-16680

SAP HANA XS/Extended Application Services 1.0 contains two audit log injection issues: (1) controller service HTTP/REST endpoints lack input validation, allowing unprivileged forged audit log lines, and (2) User Account and Authentication logs into syslog and a separate log file with unescaped en...

CVE-2017-16680

Two potential audit log injections in SAP HANA extended application services 1.0, advanced model: 1 Certain HTTP/REST endpoints of controller service are missing user input validation which could allow unprivileged attackers to forge audit log lines. Hence the interpretation of audit log files...

Predefined Setting Values Configured on NetScaler MAS

This article list the predefined setting values configured on NetScaler MAS. NetScaler MAS Prune settings Number of days to keep data is default 15 Pruning happens everyday at 00:00 for Events, Audit Log, Task Log tables NetScaler MAS Backup Settings Every 12 hours NetScaler MAS will back up...