Vendor
Logwatch
Products
1
CVEs
4
Across products
4
Status
Private
Products
1- 4 CVEs
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-1018 | 0.04 | — | 0.18 | Feb 25, 2011 | logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server. | |||
| CVE-2005-1061 | 0.03 | — | 0.03 | May 2, 2005 | The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka "logwatch log processing regular… | |||
| CVE-2002-0162 | 0.03 | — | 0.01 | Mar 27, 2002 | LogWatch before 2.5 allows local users to execute arbitrary code via a symlink attack on the logwatch temporary directory. | |||
| CVE-2002-0165 | 0.00 | — | 0.00 | Apr 3, 2002 | LogWatch 2.5 allows local users to gain root privileges via a symlink attack, a different vulnerability than CVE-2002-0162. |
- CVE-2011-1018Feb 25, 2011risk 0.04cvss —epss 0.18
logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.
- CVE-2005-1061May 2, 2005risk 0.03cvss —epss 0.03
The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka "logwatch log processing regular…
- CVE-2002-0162Mar 27, 2002risk 0.03cvss —epss 0.01
LogWatch before 2.5 allows local users to execute arbitrary code via a symlink attack on the logwatch temporary directory.
- CVE-2002-0165Apr 3, 2002risk 0.00cvss —epss 0.00
LogWatch 2.5 allows local users to gain root privileges via a symlink attack, a different vulnerability than CVE-2002-0162.