RSS   Vulnerabilities for 'Logwatch'   RSS

2011-02-25
 
CVE-2011-1018

CWE-20
 

 
logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.

 
2005-05-02
 
CVE-2005-1061

 

 
The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka "logwatch log processing regular expression DoS."

 
2002-04-03
 
CVE-2002-0165

 

 
LogWatch 2.5 allows local users to gain root privileges via a symlink attack, a different vulnerability than CVE-2002-0162.

 
2002-03-27
 
CVE-2002-0162

 

 
LogWatch before 2.5 allows local users to execute arbitrary code via a symlink attack on the logwatch temporary directory.

 


Copyright 2019, cxsecurity.com

 

Back to Top