
1662 matches found

Tenable Nessus
added 2014/10/16 12:0 a.m. | 33 views

openSUSE Security Update : rsyslog (openSUSE-SU-2014:1298-1)

Fixed remote PRI DoS vulnerability patch CVE-2014-3683,bnc899756 rsyslog-7.2.7-remote-PRI-DoS-fix-backportCVE-2014-3634. patch - Removed broken, unsupported and dropped by upstream zpipe utility from rsyslog-diag-tools package bnc890228 - Remote syslog PRI DoS vulnerability fix...

7.5 CVSS | 5.4 AI score | 0.07546 EPSS
Exploits: 2 | References: 6

Tenable Nessus
added 2014/10/16 12:0 a.m. | 23 views

openSUSE Security Update : rsyslog (openSUSE-SU-2014:1297-1)

Fixed PRI DoS vulnerability patch CVE-2014-3683,bnc899756 rsyslog-7.4.7-remote-PRI-DoS-fix-backportCVE-2014-3634. patch - Removed broken, unsupported and dropped by upstream zpipe utility from rsyslog-diag-tools package bnc890228 - Remote syslog PRI DoS vulnerability fix CVE-2014-3634,bnc897262 +...

7.5 CVSS | 5.3 AI score | 0.07546 EPSS
Exploits: 2 | References: 6

OpenVAS
added 2014/10/14 12:0 a.m. | 28 views

RedHat Update for rsyslog RHSA-2014:1397-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 8.2 AI score | 0.07546 EPSS
Exploits: 1 | References: 2

OpenVAS
added 2014/10/14 12:0 a.m. | 12 views

CentOS Update for rsyslog CESA-2014:1397 centos7

Check the version of rsyslog SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882053";...

7.5 CVSS | 5.1 AI score | 0.07546 EPSS
Exploits: 1 | References: 2

ArchLinux
added 2014/10/08 12:0 a.m. | 34 views

rsyslog: remote denial of service

The rsyslog fix shipped in 8.4.1 for an invalid PRI value see ASA-201410-1 was incomplete, as it did not cover cases where PRI values MAXINT. These values caused an integer overflow, resulting in negative values. Sending a syslog message containing an invalid PRI value to a vulnerable rsyslog...

5 CVSS | 4.2 AI score | 0.04585 EPSS
Exploits: 1 | References: 2

seebug.org
added 2014/09/18 12:0 a.m. | 18 views

Syslog LogAnalyzer 3.6.5 - Stored XSS (Python Exploit)

No description provided by source. !/usr/bin/env python coding: utf-8 import os import syslog from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = '87249' ssvid version = '1.0' author = 'coc' vulDate = '' createDat...

7.1 AI score
Exploits: 0

0day.today
added 2014/09/08 12:0 a.m. | 40 views

Syslog LogAnalyzer 3.6.5 - Stored XSS Exploit

Exploit for multiple platform in category web applications Vulnerability title: Syslog LogAnalyzer 3.6.5 Stored XSS Author: Dolev Farhi Contact: dolevf at yahoo dot com @dolevff Application: LogAnalyzer 3.6.5 Date: 8.2.2014 Relevant CVEs: CVE-2014-6070 Vulnerable version: alert"xss", and sending ...

7.1 AI score | 0.03582 EPSS
Exploits: 6

0day.today
added 2014/09/04 12:0 a.m. | 34 views

LogAnalyzer 3.6.5 Cross Site Scripting Vulnerability

LogAnalyzer version 3.6.5 suffers from a cross site scripting vulnerability. Author: Dolev Farhi @dolevff Application: LogAnalyzer Date: 8.2.2014 Tested on: Red Hat Enterprise Linux 6.4 Relevant CVEs: CVE-2014-6070 1. About the application ------------------------ LogAnalyzer is a web interface t...

4.3 CVSS | 5.9 AI score | 0.03582 EPSS
Exploits: 6

exploitpack
added 2014/09/02 12:0 a.m. | 34 views

Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting (Python)

Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting Python Vulnerability title: Syslog LogAnalyzer 3.6.5 Stored XSS Author: Dolev Farhi Contact: dolevf at yahoo dot com @dolevff Application: LogAnalyzer 3.6.5 Date: 8.2.2014 Relevant CVEs: CVE-2014-6070 Vulnerable version: alert"xss", and...

4.3 CVSS | 6.1 AI score | 0.03582 EPSS
Exploits: 6

Packet Storm
added 2014/09/02 12:0 a.m. | 32 views

LogAnalyzer 3.6.5 Cross Site Scripting

Author: Dolev Farhi @dolevff Application: LogAnalyzer Date: 8.2.2014 Tested on: Red Hat Enterprise Linux 6.4 Relevant CVEs: CVE-2014-6070 1. About the application ------------------------ LogAnalyzer is a web interface to syslog and other network event data. It provides easy browsing, analysis of...

4.3 CVSS | 6.5 AI score | 0.03582 EPSS
Exploits: 6

Exploit DB
added 2014/09/02 12:0 a.m. | 30 views

Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting

Vulnerability title: Syslog LogAnalyzer 3.6.5 Stored XSS Author: Dolev Farhi Contact: dolevf at yahoo dot com @dolevff Application: LogAnalyzer 3.6.5 Date: 8.2.2014 Relevant CVEs: CVE-2014-6070 Vulnerable version: alert"xss", and sending an arbitrary syslog message, a client-side script injection...

4.3 CVSS | 6.5 AI score | 0.03582 EPSS
Exploits: 6

Tenable Nessus
added 2014/08/12 12:0 a.m. | 45 views

openSUSE Security Update : exim (openSUSE-SU-2014:0983-1)

"Changes in exim : - Silence static checkers; beo1506. - update to 4.83 This release of Exim includes one incompatible fix : + the behavior of expansion of arguments to math comparison functions , was unexpected, expanding the values twice; CVE-2014-2972; bnc888520 This release contains the...

7.5 CVSS | 7.1 AI score | 0.08382 EPSS
Exploits: 1 | References: 10

RedHat Linux
added 2014/08/05 3:34 a.m. | 25 views

Important: Red Hat Security Advisory: yum-updatesd security update

An updated yum-updatesd package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

5 CVSS | 5.9 AI score | 0.0241 EPSS
Exploits: 0 | References: 2

NVD
added 2014/07/29 2:55 p.m. | 31 views

CVE-2014-2226

Ubiquiti UniFi Controller before 3.2.1 logs the administrative password hash in syslog messages, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors...

2.6 CVSS | 6.2 AI score | 0.01453 EPSS
Exploits: 1 | References: 4

Prion
added 2014/07/29 2:55 p.m. | 19 views

Design/Logic Flaw

Ubiquiti UniFi Controller before 3.2.1 logs the administrative password hash in syslog messages, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors...

2.6 CVSS | 6.6 AI score | 0.01453 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

Cvelist
added 2014/07/29 2:0 p.m. | 27 views

CVE-2014-2226

Ubiquiti UniFi Controller before 3.2.1 logs the administrative password hash in syslog messages, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors...

6.2 AI score | 0.01453 EPSS
Exploits: 1 | References: 4

CVE
added 2014/07/29 2:0 p.m. | 50 views

CVE-2014-2226

CVE-2014-2226 affects Ubiquiti UniFi Controller prior to 3.2.1. The issue is that the admin password hash is logged in syslog messages, enabling an attacker with access to the syslog stream to obtain sensitive authentication data. Public details reference that when remote logging is enabled, sysl...

2.6 CVSS | 6.3 AI score | 0.01453 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

Packet Storm
added 2014/07/25 12:0 a.m. | 47 views

Ubiquiti UbiFi Controller 2.4.5 Password Hash Disclosure

----------- Vendor: ----------- Ubiquiti Networks http://www.ubnt.com/ ---------------------------------------------- Affected Products/Versions: ---------------------------------------------- UniFi Controller v2.4.6 Note: Previous versions may be affected ----------------- Description:...

2.6 CVSS | 0.01453 EPSS
Exploits: 1

seebug.org
added 2014/07/01 12:0 a.m. | 24 views

zkfingerd SysLog 0.9.1 Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6402/info zkfingerd is prone to a format string vulnerability. This problem is due to incorrect use of the 'syslog' function to log error messages. It is possible to corrupt memory by passing format strings through the...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m. | 29 views

Aanval 7.1 build 70151 - Multiple Vulnerabilities

No description provided by source. ----------- Author: ----------- xistence xistenceat0x90.nl ------------------------- Affected products: ------------------------- Aanval 7.1 build 70151 ------------------------- Affected vendors: ------------------------- Aanval http://www.aanval.com/...

7.1 AI score
Exploits: 0