1660 matches found
CVE-2020-8443
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog msgs received from authenticated remote agents and delivered to the analysisd processing queue by...
CVE-2020-8443
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog msgs received from authenticated remote agents and delivered to the analysisd processing queue by...
Heap overflow
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog msgs received from authenticated remote agents and delivered to the analysisd processing queue by...
CVE-2020-8443
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis ossec-analysisd is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog msgs received from authenticated remote agents and delivered to the analysisd processing queue by...
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2019-1227)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2019-1060)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cisco Firepower Threat Defense Software DoS (cisco-sa-20181003-asa-syslog-dos)
According to its self-reported version, the TCP syslog module of Cisco Firepower Threat Defense FTD Software allows an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service DoS condition. The vulnerability is due to a missing...
Cisco UCS Director Access Control Error Vulnerability
Cisco UCS Director is a heterogeneous platform for private cloud Infrastructure as a Service IaaS from Cisco. An access control error vulnerability exists in the authentication logic of the web management interface in Cisco UCS Director Releases prior to 6.7.3.1. A remote attacker could exploit t...
Fedora Update for rsyslog FEDORA-2019-ea7d5876a4
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
PathAuditor - Detecting Unsafe Path Access Patterns
The PathAuditor is a tool meant to find file access related vulnerabilities by auditing libc functions. The idea is roughly as follows: Audit every call to filesystem related libc functions performed by the binary. Check if the path used in the syscall is user-writable. In this case an unprivileg...
CVE-2019-17596: x509 parsing in Golang can cause panic | Cloud Foundry
Severity High Vendor Cloud Foundry Foundation Description Various Cloud Foundry components are written in Go and are therefore vulnerable to a denial of service attack. Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public...
Dsiem - Security Event Correlation Engine For ELK Stack
Dsiem is a security event correlation engine for ELK stack, allowing the platform to be used as a dedicated and full-featured SIEM system. Dsiem provides OSSIM-style correlation for normalized logs/events, perform lookup/query to threat intelligence and vulnerability information sources, and...
NewStart CGSL CORE 5.04 / MAIN 5.04 : rsyslog Vulnerability (NS-SA-2019-0225)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has rsyslog packages installed that are affected by a vulnerability: - Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might...
Fedora Update for rsyslog FEDORA-2019-1fb95ae48d
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 30 Update: rsyslog-8.1911.0-1.fc30
Rsyslog is an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control. It is compatible with stock sysklogd and can be used as a drop-in replacement. Rsyslog is simple to set up,...
[SECURITY] Fedora 31 Update: rsyslog-8.1911.0-1.fc31
Rsyslog is an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control. It is compatible with stock sysklogd and can be used as a drop-in replacement. Rsyslog is simple to set up,...
SolarWinds Kiwi Syslog Server 8.3.52 Unquoted Service Path
Exploit Title: SolarWinds Kiwi Syslog Server 8.3.52 - 'Kiwi Syslog Server' Unquoted Service Path Date: 2019-11-08 Exploit Author: Carlos A Garcia R Vendor Homepage: https://www.kiwisyslog.com/ Software Link: https://www.kiwisyslog.com/downloads Version: 8.3.52 Tested on: Windows XP Professional...
SolarWinds Kiwi Syslog Server 8.3.52 - Kiwi Syslog Server Unquoted Service Path
SolarWinds Kiwi Syslog Server 8.3.52 - Kiwi Syslog Server Unquoted Service Path Exploit Title: SolarWinds Kiwi Syslog Server 8.3.52 - 'Kiwi Syslog Server' Unquoted Service Path Date: 2019-11-08 Exploit Author: Carlos A Garcia R Vendor Homepage: https://www.kiwisyslog.com/ Software Link:...
SolarWinds Kiwi Syslog Server 8.3.52 - (Kiwi Syslog Server) Unquoted Service Path Vulnerability
Exploit Title: SolarWinds Kiwi Syslog Server 8.3.52 - 'Kiwi Syslog Server' Unquoted Service Path Exploit Author: Carlos A Garcia R Vendor Homepage: https://www.kiwisyslog.com/ Software Link: https://www.kiwisyslog.com/downloads Version: 8.3.52 Tested on: Windows XP Professional Service Pack 3...
SolarWinds Kiwi Syslog Server 8.3.52 - 'Kiwi Syslog Server' Unquoted Service Path
Exploit Title: SolarWinds Kiwi Syslog Server 8.3.52 - 'Kiwi Syslog Server' Unquoted Service Path Date: 2019-11-08 Exploit Author: Carlos A Garcia R Vendor Homepage: https://www.kiwisyslog.com/ Software Link: https://www.kiwisyslog.com/downloads Version: 8.3.52 Tested on: Windows XP Professional...