Logwatch : Security Vulnerabilities, CVEs,
logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.
Max CVSS
10.0
EPSS Score
5.15%
Published
2011-02-25
Updated
2023-02-13
The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka "logwatch log processing regular expression DoS."
Max CVSS
5.0
EPSS Score
0.39%
Published
2005-05-02
Updated
2008-09-05
LogWatch 2.5 allows local users to gain root privileges via a symlink attack, a different vulnerability than CVE-2002-0162.
Max CVSS
7.2
EPSS Score
0.04%
Published
2002-04-03
Updated
2016-10-18
LogWatch before 2.5 allows local users to execute arbitrary code via a symlink attack on the logwatch temporary directory.
Max CVSS
6.2
EPSS Score
0.04%
Published
2002-03-27
Updated
2016-10-18
4 vulnerabilities found