1662 matches found
openSUSE Security Update : rsyslog (openSUSE-SU-2014:1298-1)
Fixed remote PRI DoS vulnerability patch CVE-2014-3683,bnc899756 rsyslog-7.2.7-remote-PRI-DoS-fix-backportCVE-2014-3634. patch - Removed broken, unsupported and dropped by upstream zpipe utility from rsyslog-diag-tools package bnc890228 - Remote syslog PRI DoS vulnerability fix...
openSUSE Security Update : rsyslog (openSUSE-SU-2014:1297-1)
Fixed PRI DoS vulnerability patch CVE-2014-3683,bnc899756 rsyslog-7.4.7-remote-PRI-DoS-fix-backportCVE-2014-3634. patch - Removed broken, unsupported and dropped by upstream zpipe utility from rsyslog-diag-tools package bnc890228 - Remote syslog PRI DoS vulnerability fix CVE-2014-3634,bnc897262 +...
RedHat Update for rsyslog RHSA-2014:1397-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for rsyslog CESA-2014:1397 centos7
Check the version of rsyslog SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882053";...
rsyslog: remote denial of service
The rsyslog fix shipped in 8.4.1 for an invalid PRI value see ASA-201410-1 was incomplete, as it did not cover cases where PRI values MAXINT. These values caused an integer overflow, resulting in negative values. Sending a syslog message containing an invalid PRI value to a vulnerable rsyslog...
Syslog LogAnalyzer 3.6.5 - Stored XSS (Python Exploit)
No description provided by source. !/usr/bin/env python coding: utf-8 import os import syslog from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = '87249' ssvid version = '1.0' author = 'coc' vulDate = '' createDat...
Syslog LogAnalyzer 3.6.5 - Stored XSS Exploit
Exploit for multiple platform in category web applications Vulnerability title: Syslog LogAnalyzer 3.6.5 Stored XSS Author: Dolev Farhi Contact: dolevf at yahoo dot com @dolevff Application: LogAnalyzer 3.6.5 Date: 8.2.2014 Relevant CVEs: CVE-2014-6070 Vulnerable version: alert"xss", and sending ...
LogAnalyzer 3.6.5 Cross Site Scripting Vulnerability
LogAnalyzer version 3.6.5 suffers from a cross site scripting vulnerability. Author: Dolev Farhi @dolevff Application: LogAnalyzer Date: 8.2.2014 Tested on: Red Hat Enterprise Linux 6.4 Relevant CVEs: CVE-2014-6070 1. About the application ------------------------ LogAnalyzer is a web interface t...
Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting (Python)
Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting Python Vulnerability title: Syslog LogAnalyzer 3.6.5 Stored XSS Author: Dolev Farhi Contact: dolevf at yahoo dot com @dolevff Application: LogAnalyzer 3.6.5 Date: 8.2.2014 Relevant CVEs: CVE-2014-6070 Vulnerable version: alert"xss", and...
LogAnalyzer 3.6.5 Cross Site Scripting
Author: Dolev Farhi @dolevff Application: LogAnalyzer Date: 8.2.2014 Tested on: Red Hat Enterprise Linux 6.4 Relevant CVEs: CVE-2014-6070 1. About the application ------------------------ LogAnalyzer is a web interface to syslog and other network event data. It provides easy browsing, analysis of...
Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting
Vulnerability title: Syslog LogAnalyzer 3.6.5 Stored XSS Author: Dolev Farhi Contact: dolevf at yahoo dot com @dolevff Application: LogAnalyzer 3.6.5 Date: 8.2.2014 Relevant CVEs: CVE-2014-6070 Vulnerable version: alert"xss", and sending an arbitrary syslog message, a client-side script injection...
openSUSE Security Update : exim (openSUSE-SU-2014:0983-1)
"Changes in exim : - Silence static checkers; beo1506. - update to 4.83 This release of Exim includes one incompatible fix : + the behavior of expansion of arguments to math comparison functions , was unexpected, expanding the values twice; CVE-2014-2972; bnc888520 This release contains the...
Important: Red Hat Security Advisory: yum-updatesd security update
An updated yum-updatesd package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...
CVE-2014-2226
Ubiquiti UniFi Controller before 3.2.1 logs the administrative password hash in syslog messages, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors...
Design/Logic Flaw
Ubiquiti UniFi Controller before 3.2.1 logs the administrative password hash in syslog messages, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors...
CVE-2014-2226
Ubiquiti UniFi Controller before 3.2.1 logs the administrative password hash in syslog messages, which allows man-in-the-middle attackers to obtain sensitive information via unspecified vectors...
CVE-2014-2226
CVE-2014-2226 affects Ubiquiti UniFi Controller prior to 3.2.1. The issue is that the admin password hash is logged in syslog messages, enabling an attacker with access to the syslog stream to obtain sensitive authentication data. Public details reference that when remote logging is enabled, sysl...
Ubiquiti UbiFi Controller 2.4.5 Password Hash Disclosure
----------- Vendor: ----------- Ubiquiti Networks http://www.ubnt.com/ ---------------------------------------------- Affected Products/Versions: ---------------------------------------------- UniFi Controller v2.4.6 Note: Previous versions may be affected ----------------- Description:...
zkfingerd SysLog 0.9.1 Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6402/info zkfingerd is prone to a format string vulnerability. This problem is due to incorrect use of the 'syslog' function to log error messages. It is possible to corrupt memory by passing format strings through the...
Aanval 7.1 build 70151 - Multiple Vulnerabilities
No description provided by source. ----------- Author: ----------- xistence xistenceat0x90.nl ------------------------- Affected products: ------------------------- Aanval 7.1 build 70151 ------------------------- Affected vendors: ------------------------- Aanval http://www.aanval.com/...