CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-8447
https://notcve.org/view.php?id=CVE-2020-8447
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a use-after-free during processing of syscheck formatted msgs (received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted). En OSSEC-HIDS versiones 2.7 hasta 3.5.0, el componente del servidor responsable del análisis de registro (ossec-analysisd) es vulnerable a un uso de la memoria previamente liberada durante el procesamiento de mensajes con formato syscheck (recibidos de agentes remotos autenticados y entregados a la cola de procesamiento analizada por ossec-remoted). • https://github.com/ossec/ossec-hids/issues/1818 https://github.com/ossec/ossec-hids/issues/1821 https://security.gentoo.org/glsa/202007-33 https://www.ossec.net • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-8448
https://notcve.org/view.php?id=CVE-2020-8448
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a denial of service (NULL pointer dereference) via crafted messages written directly to the analysisd UNIX domain socket by a local user. En OSSEC-HIDS versiones 2.7 hasta 3.5.0, el componente del servidor responsable del análisis de registro (ossec-analysisd) es vulnerable a una denegación de servicio (desreferencia del puntero NULL) por medio de mensajes diseñados escritos directamente en el socket de dominio UNIX de analysisd. • https://github.com/ossec/ossec-hids/issues/1815 https://github.com/ossec/ossec-hids/issues/1821 https://security.gentoo.org/glsa/202007-33 https://www.ossec.net • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2018-19666
https://notcve.org/view.php?id=CVE-2018-19666
The agent in OSSEC through 3.1.0 on Windows allows local users to gain NT AUTHORITY\SYSTEM access via Directory Traversal by leveraging full access to the associated OSSEC server. El agente en OSSEC hasta la versión 3.1.0 en Windows permite a los usuarios locales obtener acceso al sistema NT AUTHORITY\SYSTEM a través de un salto de directorio aprovechando el acceso completo al servidor OSSEC asociado. • https://github.com/ossec/ossec-hids/issues/1585 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 1CVE-2015-3222 – OSSEC 2.7 < 2.8.1 - 'diff' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2015-3222
syscheck/seechanges.c in OSSEC 2.7 through 2.8.1 on NIX systems allows local users to execute arbitrary code as root. syscheck/seechanges.c en OSSEC 2.7 hasta la versión 2.8.1 en sistemas NIX permite que los usuarios locales ejecuten código arbitrario como root. OSSEC versions 2.7 through 2.8.1 suffer from a local root escalation vulnerability. • https://www.exploit-db.com/exploits/37265 http://packetstormsecurity.com/files/132281/OSSEC-2.8.1-Local-Root-Escalation.html http://www.openwall.com/lists/oss-security/2015/06/11/1 http://www.securityfocus.com/bid/75148 https://github.com/ossec/ossec-hids/releases/tag/2.8.2 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 4CVE-2014-5284 – OSSEC 2.8 - 'hosts.deny' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2014-5284
host-deny.sh in OSSEC before 2.8.1 writes to temporary files with predictable filenames without verifying ownership, which allows local users to modify access restrictions in hosts.deny and gain root privileges by creating the temporary files before automatic IP blocking is performed. host-deny.sh en OSSEC anterior a 2.8.1 escribe a ficheros temporales con nombres de ficheros previsibles sin verificar su dueño, lo que permite a usuarios locales modificar las restricciones de acceso en hosts.deny y ganar privilegios de root mediante la creación de los ficheros temporales antes de que se realice el bloqueo IP automático. OSSEC version 2.8 suffers from a privilege escalation vulnerability via insecure temporary file creation. • https://www.exploit-db.com/exploits/35234 https://github.com/mbadanoiu/CVE-2014-5284 http://packetstormsecurity.com/files/129111/OSSEC-2.8-Privilege-Escalation.html http://www.exploit-db.com/exploits/35234 https://github.com/ossec/ossec-hids/releases/tag/2.8.1 • CWE-264: Permissions, Privileges, and Access Controls •