CVE-2022-24903 Buffer overflow in TCP syslog server (receiver) components in rsyslog

Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code...

Citrix-ADM using localhost IP 127.0.0.1 to send syslog traffic to Splunk server

Citrix-ADM 13.0 76.29 is noted to be using localhost IP to send Syslog traffic instead of ADM IP to external Syslog server. As a result, Citrix ADM is not able to send the Syslog traffic to Splunk server successfully as seen below. A tcpdump on Citrix ADM also shows traffic is generated and sent...

S1EM - This Project Is A SIEM With SIRP And Threat Intel, All In One

Today, cyber attacks are more numerous and cause damage in companies. Nevertheless, many software products exist to detect cyber threats. The S1EM solution is based on the principle of bringing together the best products in their field, free of charge, and making them quickly interoperable. S1EM ...

How to send Application Firewall messages to a separate syslog server

This article describes how to send Application Firewall messages to a separate Syslog Server. Requirements A secure Filetransfer utility such as WinSCP A utility to open a SSH console to the appliance such as PuTTY...

Slurp 1.10.2 Format String Vulnerability

Exploit Title: Slurp 1.10.2 - Remote Format String Date: 2022-02-12 Author: Milad Karimi slurp is a freely available, open source NNTP client. It is designed for use on most Unix and Linux operating systems. It may be possible for a remote server to execute code on a vulnerable client. slurp offe...

Mageia: Security Advisory (MGASA-2018-0047)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2021:4147-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-40130

A vulnerability in the web application of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to specify non-log files as sources for syslog reporting. This vulnerability is due to improper restriction of the syslog configuration. An attacker could exploit...

CVE-2021-40130

A vulnerability in the web application of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to specify non-log files as sources for syslog reporting. This vulnerability is due to improper restriction of the syslog configuration. An attacker could exploit...

Design/Logic Flaw

A vulnerability in the web application of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to specify non-log files as sources for syslog reporting. This vulnerability is due to improper restriction of the syslog configuration. An attacker could exploit...

CVE-2021-40130 Cisco Common Services Platform Collector Improper Logging Restriction Vulnerability

A vulnerability in the web application of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to specify non-log files as sources for syslog reporting. This vulnerability is due to improper restriction of the syslog configuration. An attacker could exploit...

CVE-2021-40130

CVE-2021-40130 affects Cisco Common Services Platform Collector (CSPC) via the web application. The vulnerability arises from improper restriction of the syslog configuration, allowing an authenticated, remote attacker to configure non-log files as sources for syslog reporting. This could let the...

Cisco Common Services Platform Collector Improper Logging Restriction Vulnerability

A vulnerability in the web application of Cisco Common Services Platform Collector CSPC could allow an authenticated, remote attacker to specify non-log files as sources for syslog reporting. This vulnerability is due to improper restriction of the syslog configuration. An attacker could exploit...

PT-2021-4851 · Cisco · Cisco Common Services Platform Collector

Name of the Vulnerable Software and Affected Versions: Cisco Common Services Platform Collector CSPC affected versions not specified Description: A vulnerability in the web application of Cisco Common Services Platform Collector could allow an authenticated, remote attacker to specify non-log fil...

CVE-2021-34598

In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active...

Design/Logic Flaw

In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is active...

CVE-2021-34598

Phoenix Contact FL MGUARD 1102/1105 (firmware v1.4.0, 1.4.1, 1.5.0) has a vulnerability where remote logging is impaired due to failure to release memory for syslog-ng data structures when remote logging is active. The impact described aligns with partial availability degradation; exploitation de...

Phoenix Contact Fl Mguard 1102 安全漏洞

The Phoenix Contact Fl Mguard 1102 is a security router from Phoenix Contact, Germany. It is used to protect industrial networks from attacks such as Ip Spoofing, Denial of Service Dos and Syn flooding. A security vulnerability exists in the Phoenix Contact FL MGUARD 1102 and 1105 that stems from...

CVE-2021-35237

A missing HTTP header X-Frame-Options in Kiwi Syslog Server has left customers vulnerable to click jacking. Clickjacking is an attack that occurs when an attacker uses a transparent iframe in a window to trick a user into clicking on an actionable item, such as a button or link, to another server...

CVE-2021-35237

A missing HTTP header X-Frame-Options in Kiwi Syslog Server has left customers vulnerable to click jacking. Clickjacking is an attack that occurs when an attacker uses a transparent iframe in a window to trick a user into clicking on an actionable item, such as a button or link, to another server...