Search criteria
48 vulnerabilities found for xymon by xymon
FKIE_CVE-2019-13485
Vulnerability from fkie_nvd - Published: 2019-08-27 17:15 - Updated: 2024-11-21 04:24
Severity ?
Summary
In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c | Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html | Third Party Advisory | |
| cve@mitre.org | https://lists.xymon.com/archive/2019-July/046570.html | Mailing List, Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.xymon.com/archive/2019-July/046570.html | Mailing List, Release Notes, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xymon | xymon | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xymon:xymon:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BA8FC24-A087-49B8-B96B-F843CD830399",
"versionEndIncluding": "4.3.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c."
},
{
"lang": "es",
"value": "En Xymon a trav\u00e9s de 4.3.28, existe una vulnerabilidad de desbordamiento de b\u00fafer stack-based en el componente del visor de historial a trav\u00e9s de un nombre de host largo o un par\u00e1metro de servicio en history.c."
}
],
"id": "CVE-2019-13485",
"lastModified": "2024-11-21T04:24:59.793",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-27T17:15:10.727",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Release Notes",
"Vendor Advisory"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Release Notes",
"Vendor Advisory"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-13484
Vulnerability from fkie_nvd - Published: 2019-08-27 17:15 - Updated: 2024-11-21 04:24
Severity ?
Summary
In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of expansion in appfeed.c.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/appfeed.c | Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.xymon.com/archive/2019-July/046570.html | Mailing List, Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/appfeed.c | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.xymon.com/archive/2019-July/046570.html | Mailing List, Release Notes, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xymon | xymon | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xymon:xymon:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BA8FC24-A087-49B8-B96B-F843CD830399",
"versionEndIncluding": "4.3.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of \u0026nbsp; expansion in appfeed.c."
},
{
"lang": "es",
"value": "En Xymon a trav\u00e9s de 4.3.28, existe un desbordamiento de b\u00fafer en el visor de registro de estado CGI debido a \u00a0 expansi\u00f3n en appfeed.c."
}
],
"id": "CVE-2019-13484",
"lastModified": "2024-11-21T04:24:59.657",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-27T17:15:10.647",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/appfeed.c"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Release Notes",
"Vendor Advisory"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/appfeed.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Release Notes",
"Vendor Advisory"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-13455
Vulnerability from fkie_nvd - Published: 2019-08-27 17:15 - Updated: 2024-11-21 04:24
Severity ?
Summary
In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of expansion in acknowledge.c.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/acknowledge.c | Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.xymon.com/archive/2019-July/046570.html | Exploit, Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/acknowledge.c | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.xymon.com/archive/2019-July/046570.html | Exploit, Mailing List, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xymon | xymon | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xymon:xymon:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BA8FC24-A087-49B8-B96B-F843CD830399",
"versionEndIncluding": "4.3.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of \u0026nbsp; expansion in acknowledge.c."
},
{
"lang": "es",
"value": "En Xymon a trav\u00e9s de 4.3.28, existe una vulnerabilidad de desbordamiento de b\u00fafer basada en pila en la herramienta CGI de confirmaci\u00f3n de alerta debido a \u00a0 expansi\u00f3n en acknowledge.c."
}
],
"id": "CVE-2019-13455",
"lastModified": "2024-11-21T04:24:56.373",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-27T17:15:10.570",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/acknowledge.c"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/acknowledge.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-13486
Vulnerability from fkie_nvd - Published: 2019-08-27 17:15 - Updated: 2024-11-21 04:24
Severity ?
Summary
In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of expansion in svcstatus.c.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/svcstatus.c | Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.xymon.com/archive/2019-July/046570.html | Mailing List, Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/svcstatus.c | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.xymon.com/archive/2019-July/046570.html | Mailing List, Release Notes, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xymon | xymon | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xymon:xymon:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BA8FC24-A087-49B8-B96B-F843CD830399",
"versionEndIncluding": "4.3.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of \u0026nbsp; expansion in svcstatus.c."
},
{
"lang": "es",
"value": "En Xymon a trav\u00e9s de 4.3.28, existe un desbordamiento de b\u00fafer stack-based en el componente del visor de registro de estado debido a \u00a0 expansi\u00f3n en svcstatus.c."
}
],
"id": "CVE-2019-13486",
"lastModified": "2024-11-21T04:24:59.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-27T17:15:10.773",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/svcstatus.c"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Release Notes",
"Vendor Advisory"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/svcstatus.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Release Notes",
"Vendor Advisory"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-13273
Vulnerability from fkie_nvd - Published: 2019-08-27 17:15 - Updated: 2024-11-21 04:24
Severity ?
Summary
In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c | Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html | Mailing List, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xymon | xymon | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xymon:xymon:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BA8FC24-A087-49B8-B96B-F843CD830399",
"versionEndIncluding": "4.3.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter."
},
{
"lang": "es",
"value": "En Xymon a trav\u00e9s de 4.3.28, existe una vulnerabilidad de desbordamiento de b\u00fafer en el script CGI csvinfo. El desbordamiento se puede aprovechar enviando una solicitud GET creada que desencadena una sprintf del par\u00e1metro srcdb."
}
],
"id": "CVE-2019-13273",
"lastModified": "2024-11-21T04:24:35.973",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-27T17:15:10.303",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-13451
Vulnerability from fkie_nvd - Published: 2019-08-27 17:15 - Updated: 2024-11-21 04:24
Severity ?
Summary
In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c | Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.xymon.com/archive/2019-July/046570.html | Mailing List, Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.xymon.com/archive/2019-July/046570.html | Mailing List, Release Notes, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xymon | xymon | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xymon:xymon:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BA8FC24-A087-49B8-B96B-F843CD830399",
"versionEndIncluding": "4.3.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c."
},
{
"lang": "es",
"value": "En Xymon a trav\u00e9s de 4.3.28, existe una vulnerabilidad de desbordamiento de b\u00fafer en history.c."
}
],
"id": "CVE-2019-13451",
"lastModified": "2024-11-21T04:24:55.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-27T17:15:10.427",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Release Notes",
"Vendor Advisory"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Release Notes",
"Vendor Advisory"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-13452
Vulnerability from fkie_nvd - Published: 2019-08-27 17:15 - Updated: 2024-11-21 04:24
Severity ?
Summary
In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/reportlog.c | Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.xymon.com/archive/2019-July/046570.html | Mailing List, Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/reportlog.c | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.xymon.com/archive/2019-July/046570.html | Mailing List, Release Notes, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xymon | xymon | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xymon:xymon:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BA8FC24-A087-49B8-B96B-F843CD830399",
"versionEndIncluding": "4.3.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c."
},
{
"lang": "es",
"value": "En Xymon a trav\u00e9s de 4.3.28, existe una vulnerabilidad de desbordamiento de b\u00fafer en reportlog.c."
}
],
"id": "CVE-2019-13452",
"lastModified": "2024-11-21T04:24:55.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-27T17:15:10.507",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/reportlog.c"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Release Notes",
"Vendor Advisory"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/reportlog.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Release Notes",
"Vendor Advisory"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-13274
Vulnerability from fkie_nvd - Published: 2019-08-27 17:15 - Updated: 2024-11-21 04:24
Severity ?
Summary
In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c | Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html | Mailing List, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xymon | xymon | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xymon:xymon:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BA8FC24-A087-49B8-B96B-F843CD830399",
"versionEndIncluding": "4.3.28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter."
},
{
"lang": "es",
"value": "En Xymon a trav\u00e9s de 4.3.28, existe una vulnerabilidad XSS en el script CGI csvinfo debido a un filtrado insuficiente del par\u00e1metro db."
}
],
"id": "CVE-2019-13274",
"lastModified": "2024-11-21T04:24:36.110",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-27T17:15:10.367",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-1430
Vulnerability from fkie_nvd - Published: 2017-08-28 15:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
Buffer overflow in xymon 4.3.17-1.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2015/01/31/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/01/31/4 | Mailing List, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.17-1:*:*:*:*:*:*:*",
"matchCriteriaId": "E880225B-9250-4D39-A80B-4B6FA3C3B253",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in xymon 4.3.17-1."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de desbordamiento de b\u00fafer en xymon 4.3.17-1."
}
],
"id": "CVE-2015-1430",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-28T15:29:01.267",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/31/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/31/4"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-2058
Vulnerability from fkie_nvd - Published: 2016-04-13 16:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow (1) remote Xymon clients to inject arbitrary web script or HTML via a status-message, which is not properly handled in the "detailed status" page, or (2) remote authenticated users to inject arbitrary web script or HTML via an acknowledgement message, which is not properly handled in the "status" page.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 8.0 | |
| xymon | xymon | 4.1.0 | |
| xymon | xymon | 4.1.1 | |
| xymon | xymon | 4.1.2 | |
| xymon | xymon | 4.1.2 | |
| xymon | xymon | 4.1.2 | |
| xymon | xymon | 4.2 | |
| xymon | xymon | 4.2 | |
| xymon | xymon | 4.2 | |
| xymon | xymon | 4.2.0 | |
| xymon | xymon | 4.2.2 | |
| xymon | xymon | 4.2.2 | |
| xymon | xymon | 4.2.3 | |
| xymon | xymon | 4.2.3 | |
| xymon | xymon | 4.3.0 | |
| xymon | xymon | 4.3.0 | |
| xymon | xymon | 4.3.0 | |
| xymon | xymon | 4.3.0 | |
| xymon | xymon | 4.3.0 | |
| xymon | xymon | 4.3.1 | |
| xymon | xymon | 4.3.2 | |
| xymon | xymon | 4.3.3 | |
| xymon | xymon | 4.3.4 | |
| xymon | xymon | 4.3.5 | |
| xymon | xymon | 4.3.6 | |
| xymon | xymon | 4.3.7 | |
| xymon | xymon | 4.3.8 | |
| xymon | xymon | 4.3.9 | |
| xymon | xymon | 4.3.10 | |
| xymon | xymon | 4.3.11 | |
| xymon | xymon | 4.3.12 | |
| xymon | xymon | 4.3.13 | |
| xymon | xymon | 4.3.14 | |
| xymon | xymon | 4.3.15 | |
| xymon | xymon | 4.3.16 | |
| xymon | xymon | 4.3.17 | |
| xymon | xymon | 4.3.18 | |
| xymon | xymon | 4.3.19 | |
| xymon | xymon | 4.3.19 | |
| xymon | xymon | 4.3.20 | |
| xymon | xymon | 4.3.21 | |
| xymon | xymon | 4.3.22 | |
| xymon | xymon | 4.3.23 | |
| xymon | xymon | 4.3.24 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xymon:xymon:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DFF9FA93-847A-4643-BB90-90AC31DE7C72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A7DED6-B90D-4A05-ACF1-510D16B2C1F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B3EBFA2C-78A8-45BB-B6E2-F74595943813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.1.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "6A33AD76-55B7-42B4-997B-B4C595030AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.1.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "DB9A6911-0622-4A71-8ADA-1BC162F12C96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2:alfa:*:*:*:*:*:*",
"matchCriteriaId": "DD605003-3DEC-44C3-9A61-9DAA3FFEF4EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2:beta20060605:*:*:*:*:*:*",
"matchCriteriaId": "6D967474-9D3D-4555-9C28-AD9F38D0F4B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2:rc20060712:*:*:*:*:*:*",
"matchCriteriaId": "B0623B70-5545-4D9E-80B2-F12363933152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8483753-07E0-476A-8D04-85905B50CEB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1071598C-C7CC-4704-A883-7FBAE94F3573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "2EBC151E-A02F-409B-86E1-9B3F59966F20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C4977F-2C44-4222-BD38-266127076A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "59DEEBE8-4A76-4DF8-8DD4-0446EA6CDDAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "699A4A57-0488-43A1-9BC9-68F69326CD65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E4BEDF60-02D7-4192-A3BE-6D35A6BAE886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "8AE0300B-8514-409A-AA89-A591918855C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "2FD5FA1D-576F-4A4F-873B-8F47BD871374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EB113981-5BE0-4AAC-94E3-6A2C34A5E7E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B0EA40FA-CA00-43B6-80DF-DFD2C1D77ECE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8785A4E4-22A1-437C-9CBB-9B141938DF6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EF9762-78D4-4C99-B986-BDA9D8C334F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9D161D58-6573-426B-9578-C2340280CB08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3148DF23-6EA1-4091-BFF0-14E33895B7B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD586CB-19F5-41A3-86A6-46986156DC5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CC494B4-0A5A-4D55-B98B-D929394F7839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B17CB4-E8CE-4C3E-B0D1-86FCEBA2F339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3B4A8F-D0EF-4C50-AA0E-6507F1815595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AD471985-1D60-4E68-B862-7DCC18A76235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E92CA4-44AB-4A95-A8D5-57F9167E4549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E7FC838D-6AA2-491C-9F1C-0B69141531CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "11DA6306-D261-459E-B311-7AD978E915A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "5E6C75E3-6935-435F-989B-811C6D9846FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "BD68AC81-36CB-493D-AB17-4C753148C04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6A1FD6-DAB8-4A19-A279-8DD721E9BF92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "0D78C91F-1763-40C0-906C-9DE90E8776C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.18:*:*:*:*:*:*:*",
"matchCriteriaId": "2B213484-1A35-4024-96B8-B5642E7FFF2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA3F5E6-3C5C-436D-B131-AB9F328CFB28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "2BA9B919-E977-4C76-8132-D5C72EE0ED80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "8F75C2CF-95CC-4510-AD93-7ABF8F810DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.21:*:*:*:*:*:*:*",
"matchCriteriaId": "20837B84-D33F-49AE-A886-53683351746D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.22:*:*:*:*:*:*:*",
"matchCriteriaId": "CADB87EA-D745-4776-991D-EABFD7CFD149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.23:*:*:*:*:*:*:*",
"matchCriteriaId": "56394517-A9F0-4BEE-A185-0684BE30CF14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.24:*:*:*:*:*:*:*",
"matchCriteriaId": "2788A97E-E027-424B-85CF-4121CFC81671",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow (1) remote Xymon clients to inject arbitrary web script or HTML via a status-message, which is not properly handled in the \"detailed status\" page, or (2) remote authenticated users to inject arbitrary web script or HTML via an acknowledgement message, which is not properly handled in the \"status\" page."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de XSS en Xymon 4.1.x, 4.2.x y 4.3.x en versiones anteriores a 4.3.25 permiten a (1) clientes remotos Xymon inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de un mensaje de estado, que no se maneja correctamente en la p\u00e1gina \"detailed status\", o (2) usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de un mensaje de reconocimiento, que no se maneja correctamente en la p\u00e1gina \"status\"."
}
],
"id": "CVE-2016-2058",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-13T16:59:08.787",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/135758/Xymon-4.3.x-Buffer-Overflow-Code-Execution-Information-Disclosure.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3495"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/537522/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://sourceforge.net/p/xymon/code/7892/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/135758/Xymon-4.3.x-Buffer-Overflow-Code-Execution-Information-Disclosure.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/537522/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://sourceforge.net/p/xymon/code/7892/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-2057
Vulnerability from fkie_nvd - Published: 2016-04-13 16:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
lib/xymond_ipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use weak permissions (666) for an unspecified IPC message queue, which allows local users to inject arbitrary messages by writing to that queue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xymon | xymon | 4.1.0 | |
| xymon | xymon | 4.1.1 | |
| xymon | xymon | 4.1.2 | |
| xymon | xymon | 4.1.2 | |
| xymon | xymon | 4.1.2 | |
| xymon | xymon | 4.2 | |
| xymon | xymon | 4.2 | |
| xymon | xymon | 4.2 | |
| xymon | xymon | 4.2.0 | |
| xymon | xymon | 4.2.2 | |
| xymon | xymon | 4.2.2 | |
| xymon | xymon | 4.2.3 | |
| xymon | xymon | 4.2.3 | |
| xymon | xymon | 4.3.0 | |
| xymon | xymon | 4.3.0 | |
| xymon | xymon | 4.3.0 | |
| xymon | xymon | 4.3.0 | |
| xymon | xymon | 4.3.0 | |
| xymon | xymon | 4.3.1 | |
| xymon | xymon | 4.3.2 | |
| xymon | xymon | 4.3.3 | |
| xymon | xymon | 4.3.4 | |
| xymon | xymon | 4.3.5 | |
| xymon | xymon | 4.3.6 | |
| xymon | xymon | 4.3.7 | |
| xymon | xymon | 4.3.8 | |
| xymon | xymon | 4.3.9 | |
| xymon | xymon | 4.3.10 | |
| xymon | xymon | 4.3.11 | |
| xymon | xymon | 4.3.12 | |
| xymon | xymon | 4.3.13 | |
| xymon | xymon | 4.3.14 | |
| xymon | xymon | 4.3.15 | |
| xymon | xymon | 4.3.16 | |
| xymon | xymon | 4.3.17 | |
| xymon | xymon | 4.3.18 | |
| xymon | xymon | 4.3.19 | |
| xymon | xymon | 4.3.19 | |
| xymon | xymon | 4.3.20 | |
| xymon | xymon | 4.3.21 | |
| xymon | xymon | 4.3.22 | |
| xymon | xymon | 4.3.23 | |
| xymon | xymon | 4.3.24 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xymon:xymon:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DFF9FA93-847A-4643-BB90-90AC31DE7C72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A7DED6-B90D-4A05-ACF1-510D16B2C1F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B3EBFA2C-78A8-45BB-B6E2-F74595943813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.1.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "6A33AD76-55B7-42B4-997B-B4C595030AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.1.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "DB9A6911-0622-4A71-8ADA-1BC162F12C96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2:alfa:*:*:*:*:*:*",
"matchCriteriaId": "DD605003-3DEC-44C3-9A61-9DAA3FFEF4EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2:beta20060605:*:*:*:*:*:*",
"matchCriteriaId": "6D967474-9D3D-4555-9C28-AD9F38D0F4B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2:rc20060712:*:*:*:*:*:*",
"matchCriteriaId": "B0623B70-5545-4D9E-80B2-F12363933152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8483753-07E0-476A-8D04-85905B50CEB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1071598C-C7CC-4704-A883-7FBAE94F3573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "2EBC151E-A02F-409B-86E1-9B3F59966F20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C4977F-2C44-4222-BD38-266127076A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "59DEEBE8-4A76-4DF8-8DD4-0446EA6CDDAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "699A4A57-0488-43A1-9BC9-68F69326CD65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E4BEDF60-02D7-4192-A3BE-6D35A6BAE886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "8AE0300B-8514-409A-AA89-A591918855C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "2FD5FA1D-576F-4A4F-873B-8F47BD871374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EB113981-5BE0-4AAC-94E3-6A2C34A5E7E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B0EA40FA-CA00-43B6-80DF-DFD2C1D77ECE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8785A4E4-22A1-437C-9CBB-9B141938DF6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EF9762-78D4-4C99-B986-BDA9D8C334F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9D161D58-6573-426B-9578-C2340280CB08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3148DF23-6EA1-4091-BFF0-14E33895B7B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD586CB-19F5-41A3-86A6-46986156DC5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CC494B4-0A5A-4D55-B98B-D929394F7839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B17CB4-E8CE-4C3E-B0D1-86FCEBA2F339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3B4A8F-D0EF-4C50-AA0E-6507F1815595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AD471985-1D60-4E68-B862-7DCC18A76235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E92CA4-44AB-4A95-A8D5-57F9167E4549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E7FC838D-6AA2-491C-9F1C-0B69141531CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "11DA6306-D261-459E-B311-7AD978E915A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "5E6C75E3-6935-435F-989B-811C6D9846FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "BD68AC81-36CB-493D-AB17-4C753148C04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6A1FD6-DAB8-4A19-A279-8DD721E9BF92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "0D78C91F-1763-40C0-906C-9DE90E8776C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.18:*:*:*:*:*:*:*",
"matchCriteriaId": "2B213484-1A35-4024-96B8-B5642E7FFF2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA3F5E6-3C5C-436D-B131-AB9F328CFB28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "2BA9B919-E977-4C76-8132-D5C72EE0ED80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "8F75C2CF-95CC-4510-AD93-7ABF8F810DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.21:*:*:*:*:*:*:*",
"matchCriteriaId": "20837B84-D33F-49AE-A886-53683351746D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.22:*:*:*:*:*:*:*",
"matchCriteriaId": "CADB87EA-D745-4776-991D-EABFD7CFD149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.23:*:*:*:*:*:*:*",
"matchCriteriaId": "56394517-A9F0-4BEE-A185-0684BE30CF14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.24:*:*:*:*:*:*:*",
"matchCriteriaId": "2788A97E-E027-424B-85CF-4121CFC81671",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "lib/xymond_ipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use weak permissions (666) for an unspecified IPC message queue, which allows local users to inject arbitrary messages by writing to that queue."
},
{
"lang": "es",
"value": "lib/xymond_ipc.c en Xymon 4.1.x, 4.2.x y 4.3.x en versiones anteriores a 4.3.25 utiliza permisos d\u00e9biles (666) para una cola de mensajes IPC no especificada, lo que permite a usuarios locales inyectar mensajes arbitrarios escribiendo en esa cola."
}
],
"id": "CVE-2016-2057",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-13T16:59:07.597",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/135758/Xymon-4.3.x-Buffer-Overflow-Code-Execution-Information-Disclosure.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3495"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/537522/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://sourceforge.net/p/xymon/code/7891/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/135758/Xymon-4.3.x-Buffer-Overflow-Code-Execution-Information-Disclosure.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/537522/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://sourceforge.net/p/xymon/code/7891/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-2056
Vulnerability from fkie_nvd - Published: 2016-04-13 16:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the adduser_name argument in (1) web/useradm.c or (2) web/chpasswd.c.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| xymon | xymon | 4.1.0 | |
| xymon | xymon | 4.1.1 | |
| xymon | xymon | 4.1.2 | |
| xymon | xymon | 4.1.2 | |
| xymon | xymon | 4.1.2 | |
| xymon | xymon | 4.2 | |
| xymon | xymon | 4.2 | |
| xymon | xymon | 4.2 | |
| xymon | xymon | 4.2.0 | |
| xymon | xymon | 4.2.2 | |
| xymon | xymon | 4.2.2 | |
| xymon | xymon | 4.2.3 | |
| xymon | xymon | 4.2.3 | |
| xymon | xymon | 4.3.0 | |
| xymon | xymon | 4.3.0 | |
| xymon | xymon | 4.3.0 | |
| xymon | xymon | 4.3.0 | |
| xymon | xymon | 4.3.0 | |
| xymon | xymon | 4.3.1 | |
| xymon | xymon | 4.3.2 | |
| xymon | xymon | 4.3.3 | |
| xymon | xymon | 4.3.4 | |
| xymon | xymon | 4.3.5 | |
| xymon | xymon | 4.3.6 | |
| xymon | xymon | 4.3.7 | |
| xymon | xymon | 4.3.8 | |
| xymon | xymon | 4.3.9 | |
| xymon | xymon | 4.3.10 | |
| xymon | xymon | 4.3.11 | |
| xymon | xymon | 4.3.12 | |
| xymon | xymon | 4.3.13 | |
| xymon | xymon | 4.3.14 | |
| xymon | xymon | 4.3.15 | |
| xymon | xymon | 4.3.16 | |
| xymon | xymon | 4.3.17 | |
| xymon | xymon | 4.3.18 | |
| xymon | xymon | 4.3.19 | |
| xymon | xymon | 4.3.19 | |
| xymon | xymon | 4.3.20 | |
| xymon | xymon | 4.3.21 | |
| xymon | xymon | 4.3.22 | |
| xymon | xymon | 4.3.23 | |
| xymon | xymon | 4.3.24 | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:xymon:xymon:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DFF9FA93-847A-4643-BB90-90AC31DE7C72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7A7DED6-B90D-4A05-ACF1-510D16B2C1F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B3EBFA2C-78A8-45BB-B6E2-F74595943813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.1.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "6A33AD76-55B7-42B4-997B-B4C595030AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.1.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "DB9A6911-0622-4A71-8ADA-1BC162F12C96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2:alfa:*:*:*:*:*:*",
"matchCriteriaId": "DD605003-3DEC-44C3-9A61-9DAA3FFEF4EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2:beta20060605:*:*:*:*:*:*",
"matchCriteriaId": "6D967474-9D3D-4555-9C28-AD9F38D0F4B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2:rc20060712:*:*:*:*:*:*",
"matchCriteriaId": "B0623B70-5545-4D9E-80B2-F12363933152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8483753-07E0-476A-8D04-85905B50CEB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1071598C-C7CC-4704-A883-7FBAE94F3573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "2EBC151E-A02F-409B-86E1-9B3F59966F20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D6C4977F-2C44-4222-BD38-266127076A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.2.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "59DEEBE8-4A76-4DF8-8DD4-0446EA6CDDAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "699A4A57-0488-43A1-9BC9-68F69326CD65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "E4BEDF60-02D7-4192-A3BE-6D35A6BAE886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "8AE0300B-8514-409A-AA89-A591918855C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "2FD5FA1D-576F-4A4F-873B-8F47BD871374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EB113981-5BE0-4AAC-94E3-6A2C34A5E7E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B0EA40FA-CA00-43B6-80DF-DFD2C1D77ECE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8785A4E4-22A1-437C-9CBB-9B141938DF6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EF9762-78D4-4C99-B986-BDA9D8C334F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9D161D58-6573-426B-9578-C2340280CB08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3148DF23-6EA1-4091-BFF0-14E33895B7B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8AD586CB-19F5-41A3-86A6-46986156DC5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3CC494B4-0A5A-4D55-B98B-D929394F7839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B17CB4-E8CE-4C3E-B0D1-86FCEBA2F339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3B4A8F-D0EF-4C50-AA0E-6507F1815595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AD471985-1D60-4E68-B862-7DCC18A76235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F6E92CA4-44AB-4A95-A8D5-57F9167E4549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E7FC838D-6AA2-491C-9F1C-0B69141531CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "11DA6306-D261-459E-B311-7AD978E915A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "5E6C75E3-6935-435F-989B-811C6D9846FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "BD68AC81-36CB-493D-AB17-4C753148C04F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.16:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6A1FD6-DAB8-4A19-A279-8DD721E9BF92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.17:*:*:*:*:*:*:*",
"matchCriteriaId": "0D78C91F-1763-40C0-906C-9DE90E8776C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.18:*:*:*:*:*:*:*",
"matchCriteriaId": "2B213484-1A35-4024-96B8-B5642E7FFF2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.19:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA3F5E6-3C5C-436D-B131-AB9F328CFB28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.19:rc1:*:*:*:*:*:*",
"matchCriteriaId": "2BA9B919-E977-4C76-8132-D5C72EE0ED80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "8F75C2CF-95CC-4510-AD93-7ABF8F810DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.21:*:*:*:*:*:*:*",
"matchCriteriaId": "20837B84-D33F-49AE-A886-53683351746D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.22:*:*:*:*:*:*:*",
"matchCriteriaId": "CADB87EA-D745-4776-991D-EABFD7CFD149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.23:*:*:*:*:*:*:*",
"matchCriteriaId": "56394517-A9F0-4BEE-A185-0684BE30CF14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xymon:xymon:4.3.24:*:*:*:*:*:*:*",
"matchCriteriaId": "2788A97E-E027-424B-85CF-4121CFC81671",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the adduser_name argument in (1) web/useradm.c or (2) web/chpasswd.c."
},
{
"lang": "es",
"value": "xymond en Xymon 4.1.x, 4.2.x y 4.3.x en versiones anteriores a 4.3.25 permite a usuarios remotos autenticados ejecutar comandos arbitrarios a trav\u00e9s de metacaracteres shell en el argumento adduser_name en (1) web/useradm.c o (2) web/chpasswd.c."
}
],
"id": "CVE-2016-2056",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-13T16:59:06.550",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/135758/Xymon-4.3.x-Buffer-Overflow-Code-Execution-Information-Disclosure.html"
},
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/153620/Xymon-useradm-Command-Execution.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2016/dsa-3495"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/537522/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://sourceforge.net/p/xymon/code/7892/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/135758/Xymon-4.3.x-Buffer-Overflow-Code-Execution-Information-Disclosure.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/153620/Xymon-useradm-Command-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2016/dsa-3495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/537522/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://sourceforge.net/p/xymon/code/7892/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2019-13273 (GCVE-0-2019-13273)
Vulnerability from cvelistv5 – Published: 2019-08-27 16:52 – Updated: 2024-08-04 23:49
VLAI?
Summary
In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:24.435Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-27T16:52:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13273",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c",
"refsource": "MISC",
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html",
"refsource": "CONFIRM",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13273",
"datePublished": "2019-08-27T16:52:01",
"dateReserved": "2019-07-04T00:00:00",
"dateUpdated": "2024-08-04T23:49:24.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13274 (GCVE-0-2019-13274)
Vulnerability from cvelistv5 – Published: 2019-08-27 16:49 – Updated: 2024-08-04 23:49
VLAI?
Summary
In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:23.992Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-27T16:49:13",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13274",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c",
"refsource": "MISC",
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html",
"refsource": "CONFIRM",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13274",
"datePublished": "2019-08-27T16:49:13",
"dateReserved": "2019-07-04T00:00:00",
"dateUpdated": "2024-08-04T23:49:23.992Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13451 (GCVE-0-2019-13451)
Vulnerability from cvelistv5 – Published: 2019-08-27 16:37 – Updated: 2024-08-04 23:49
VLAI?
Summary
In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:25.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-27T16:37:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13451",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c",
"refsource": "MISC",
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html",
"refsource": "CONFIRM",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"name": "https://lists.xymon.com/archive/2019-July/046570.html",
"refsource": "CONFIRM",
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13451",
"datePublished": "2019-08-27T16:37:07",
"dateReserved": "2019-07-09T00:00:00",
"dateUpdated": "2024-08-04T23:49:25.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13452 (GCVE-0-2019-13452)
Vulnerability from cvelistv5 – Published: 2019-08-27 16:31 – Updated: 2024-08-04 23:49
VLAI?
Summary
In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:24.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/reportlog.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-27T16:31:49",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/reportlog.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13452",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/reportlog.c",
"refsource": "MISC",
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/reportlog.c"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html",
"refsource": "CONFIRM",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"name": "https://lists.xymon.com/archive/2019-July/046570.html",
"refsource": "CONFIRM",
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13452",
"datePublished": "2019-08-27T16:31:49",
"dateReserved": "2019-07-09T00:00:00",
"dateUpdated": "2024-08-04T23:49:24.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13455 (GCVE-0-2019-13455)
Vulnerability from cvelistv5 – Published: 2019-08-27 16:28 – Updated: 2024-08-04 23:49
VLAI?
Summary
In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of expansion in acknowledge.c.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:25.032Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/acknowledge.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of \u0026nbsp; expansion in acknowledge.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-27T16:28:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/acknowledge.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13455",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of \u0026nbsp; expansion in acknowledge.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/acknowledge.c",
"refsource": "MISC",
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/acknowledge.c"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html",
"refsource": "CONFIRM",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"name": "https://lists.xymon.com/archive/2019-July/046570.html",
"refsource": "CONFIRM",
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13455",
"datePublished": "2019-08-27T16:28:15",
"dateReserved": "2019-07-09T00:00:00",
"dateUpdated": "2024-08-04T23:49:25.032Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13484 (GCVE-0-2019-13484)
Vulnerability from cvelistv5 – Published: 2019-08-27 16:26 – Updated: 2024-08-04 23:57
VLAI?
Summary
In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of expansion in appfeed.c.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:57:39.212Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/appfeed.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of \u0026nbsp; expansion in appfeed.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-27T16:26:53",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/appfeed.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of \u0026nbsp; expansion in appfeed.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/appfeed.c",
"refsource": "MISC",
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/appfeed.c"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html",
"refsource": "CONFIRM",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"name": "https://lists.xymon.com/archive/2019-July/046570.html",
"refsource": "CONFIRM",
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13484",
"datePublished": "2019-08-27T16:26:53",
"dateReserved": "2019-07-10T00:00:00",
"dateUpdated": "2024-08-04T23:57:39.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13485 (GCVE-0-2019-13485)
Vulnerability from cvelistv5 – Published: 2019-08-27 16:25 – Updated: 2024-08-04 23:57
VLAI?
Summary
In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:57:38.998Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-27T16:25:52",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13485",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c",
"refsource": "MISC",
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html",
"refsource": "CONFIRM",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"name": "https://lists.xymon.com/archive/2019-July/046570.html",
"refsource": "CONFIRM",
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13485",
"datePublished": "2019-08-27T16:25:52",
"dateReserved": "2019-07-10T00:00:00",
"dateUpdated": "2024-08-04T23:57:38.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13486 (GCVE-0-2019-13486)
Vulnerability from cvelistv5 – Published: 2019-08-27 16:01 – Updated: 2024-08-04 23:57
VLAI?
Summary
In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of expansion in svcstatus.c.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:57:38.661Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/svcstatus.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of \u0026nbsp; expansion in svcstatus.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-27T16:01:29",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/svcstatus.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13486",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of \u0026nbsp; expansion in svcstatus.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/svcstatus.c",
"refsource": "MISC",
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/svcstatus.c"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html",
"refsource": "CONFIRM",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"name": "https://lists.xymon.com/archive/2019-July/046570.html",
"refsource": "CONFIRM",
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13486",
"datePublished": "2019-08-27T16:01:29",
"dateReserved": "2019-07-10T00:00:00",
"dateUpdated": "2024-08-04T23:57:38.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1430 (GCVE-0-2015-1430)
Vulnerability from cvelistv5 – Published: 2017-08-28 15:00 – Updated: 2024-08-06 04:40
VLAI?
Summary
Buffer overflow in xymon 4.3.17-1.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:40:18.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20150131 Re: CVE request: Xymon",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/31/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in xymon 4.3.17-1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20150131 Re: CVE request: Xymon",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/31/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in xymon 4.3.17-1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150131 Re: CVE request: Xymon",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/31/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1430",
"datePublished": "2017-08-28T15:00:00",
"dateReserved": "2015-01-31T00:00:00",
"dateUpdated": "2024-08-06T04:40:18.596Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13273 (GCVE-0-2019-13273)
Vulnerability from nvd – Published: 2019-08-27 16:52 – Updated: 2024-08-04 23:49
VLAI?
Summary
In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:24.435Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-27T16:52:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13273",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c",
"refsource": "MISC",
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html",
"refsource": "CONFIRM",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13273",
"datePublished": "2019-08-27T16:52:01",
"dateReserved": "2019-07-04T00:00:00",
"dateUpdated": "2024-08-04T23:49:24.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13274 (GCVE-0-2019-13274)
Vulnerability from nvd – Published: 2019-08-27 16:49 – Updated: 2024-08-04 23:49
VLAI?
Summary
In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:23.992Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-27T16:49:13",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13274",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c",
"refsource": "MISC",
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html",
"refsource": "CONFIRM",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13274",
"datePublished": "2019-08-27T16:49:13",
"dateReserved": "2019-07-04T00:00:00",
"dateUpdated": "2024-08-04T23:49:23.992Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13451 (GCVE-0-2019-13451)
Vulnerability from nvd – Published: 2019-08-27 16:37 – Updated: 2024-08-04 23:49
VLAI?
Summary
In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:25.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-27T16:37:07",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13451",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c",
"refsource": "MISC",
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html",
"refsource": "CONFIRM",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"name": "https://lists.xymon.com/archive/2019-July/046570.html",
"refsource": "CONFIRM",
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13451",
"datePublished": "2019-08-27T16:37:07",
"dateReserved": "2019-07-09T00:00:00",
"dateUpdated": "2024-08-04T23:49:25.020Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13452 (GCVE-0-2019-13452)
Vulnerability from nvd – Published: 2019-08-27 16:31 – Updated: 2024-08-04 23:49
VLAI?
Summary
In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:24.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/reportlog.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-27T16:31:49",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/reportlog.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13452",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/reportlog.c",
"refsource": "MISC",
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/reportlog.c"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html",
"refsource": "CONFIRM",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"name": "https://lists.xymon.com/archive/2019-July/046570.html",
"refsource": "CONFIRM",
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13452",
"datePublished": "2019-08-27T16:31:49",
"dateReserved": "2019-07-09T00:00:00",
"dateUpdated": "2024-08-04T23:49:24.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13455 (GCVE-0-2019-13455)
Vulnerability from nvd – Published: 2019-08-27 16:28 – Updated: 2024-08-04 23:49
VLAI?
Summary
In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of expansion in acknowledge.c.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:25.032Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/acknowledge.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of \u0026nbsp; expansion in acknowledge.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-27T16:28:15",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/acknowledge.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13455",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of \u0026nbsp; expansion in acknowledge.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/acknowledge.c",
"refsource": "MISC",
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/acknowledge.c"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html",
"refsource": "CONFIRM",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"name": "https://lists.xymon.com/archive/2019-July/046570.html",
"refsource": "CONFIRM",
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13455",
"datePublished": "2019-08-27T16:28:15",
"dateReserved": "2019-07-09T00:00:00",
"dateUpdated": "2024-08-04T23:49:25.032Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13484 (GCVE-0-2019-13484)
Vulnerability from nvd – Published: 2019-08-27 16:26 – Updated: 2024-08-04 23:57
VLAI?
Summary
In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of expansion in appfeed.c.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:57:39.212Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/appfeed.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of \u0026nbsp; expansion in appfeed.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-27T16:26:53",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/appfeed.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of \u0026nbsp; expansion in appfeed.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/appfeed.c",
"refsource": "MISC",
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/appfeed.c"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html",
"refsource": "CONFIRM",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"name": "https://lists.xymon.com/archive/2019-July/046570.html",
"refsource": "CONFIRM",
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13484",
"datePublished": "2019-08-27T16:26:53",
"dateReserved": "2019-07-10T00:00:00",
"dateUpdated": "2024-08-04T23:57:39.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13485 (GCVE-0-2019-13485)
Vulnerability from nvd – Published: 2019-08-27 16:25 – Updated: 2024-08-04 23:57
VLAI?
Summary
In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:57:38.998Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-27T16:25:52",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13485",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c",
"refsource": "MISC",
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html",
"refsource": "CONFIRM",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"name": "https://lists.xymon.com/archive/2019-July/046570.html",
"refsource": "CONFIRM",
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13485",
"datePublished": "2019-08-27T16:25:52",
"dateReserved": "2019-07-10T00:00:00",
"dateUpdated": "2024-08-04T23:57:38.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-13486 (GCVE-0-2019-13486)
Vulnerability from nvd – Published: 2019-08-27 16:01 – Updated: 2024-08-04 23:57
VLAI?
Summary
In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of expansion in svcstatus.c.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:57:38.661Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/svcstatus.c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of \u0026nbsp; expansion in svcstatus.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-27T16:01:29",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/svcstatus.c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13486",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of \u0026nbsp; expansion in svcstatus.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/svcstatus.c",
"refsource": "MISC",
"url": "https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/svcstatus.c"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html",
"refsource": "CONFIRM",
"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html"
},
{
"name": "https://lists.xymon.com/archive/2019-July/046570.html",
"refsource": "CONFIRM",
"url": "https://lists.xymon.com/archive/2019-July/046570.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13486",
"datePublished": "2019-08-27T16:01:29",
"dateReserved": "2019-07-10T00:00:00",
"dateUpdated": "2024-08-04T23:57:38.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1430 (GCVE-0-2015-1430)
Vulnerability from nvd – Published: 2017-08-28 15:00 – Updated: 2024-08-06 04:40
VLAI?
Summary
Buffer overflow in xymon 4.3.17-1.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:40:18.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20150131 Re: CVE request: Xymon",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/31/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in xymon 4.3.17-1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20150131 Re: CVE request: Xymon",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/31/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in xymon 4.3.17-1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150131 Re: CVE request: Xymon",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/31/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1430",
"datePublished": "2017-08-28T15:00:00",
"dateReserved": "2015-01-31T00:00:00",
"dateUpdated": "2024-08-06T04:40:18.596Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}