Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The throttle capability in Swatch may fail to report certain events if (1) the same type of event occurs after the throttle period, or (2) when multiple events matching the same "watchfor" expression do not occur after the throttle period, which could allow attackers to avoid detection.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Swatch抑制事件报告漏洞
Vulnerability Description
Swatch是一款免费开放源代码的日志监察工具,可使用在多种Unix和Linux操作系统下。 Swatch存在设计漏洞,可导致信息不予报告。 当SWATCH检测到一个事件多次发生的时候,会对事件的报告产生抑制,也就是不重复报告同样的事件。而且如果被抑制的事件一个月以后再次发生的时候也不会被报告。 问题存在于swatch源代码的1037行,比较新旧事件的月份,如果新的一事件大,新事件就递减: if ($ymdhms[1] > $Msg_Rec{$key}->{ymdhms}[1]) { $ymdhms[0]
CVSS Information
N/A
Vulnerability Type
N/A