QwikSec

Security Database

CVE

CWE

Training

CVE-2016-2054

Published: Apr 13, 2016

Modified: Aug 5, 2024

PUBLISHED

Description

Multiple buffer overflows in xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a long filename, involving handling a "config" command.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://sourceforge.net/p/xymon/code/7859/

x_refsource_CONFIRM

20160214 Xymon: Critical security issues in all versions prior to 4.3.25

mailing-list

x_refsource_BUGTRAQ

vendor-advisory

x_refsource_DEBIAN

[Xymon] 20160208 Xymon 4.3.25 - Important Security Update

mailing-list

x_refsource_MLIST

https://sourceforge.net/p/xymon/code/7860/

x_refsource_CONFIRM

http://packetstormsecurity.com/files/135758/Xymon-4.3.x-Buffer-Overflow-Code-Execution-Information-Disclosure.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.