SB2016041323 - Multiple vulnerabilities in GNU Xymon
Published: April 13, 2016 Updated: August 9, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2016-2057)
The vulnerability allows a local authenticated user to manipulate data.
lib/xymond_ipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use weak permissions (666) for an unspecified IPC message queue, which allows local users to inject arbitrary messages by writing to that queue.
2) Command Injection (CVE-ID: CVE-2016-2056)
The vulnerability allows a remote authenticated user to execute arbitrary code.
xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the adduser_name argument in (1) web/useradm.c or (2) web/chpasswd.c.
3) Information disclosure (CVE-ID: CVE-2016-2055)
The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.
xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to read arbitrary files in the configuration directory via a "config" command.
Remediation
Install update from vendor's website.
References
- http://packetstormsecurity.com/files/135758/Xymon-4.3.x-Buffer-Overflow-Code-Execution-Information-Disclosure.html
- http://www.debian.org/security/2016/dsa-3495
- http://www.securityfocus.com/archive/1/537522/100/0/threaded
- https://sourceforge.net/p/xymon/code/7891/
- http://packetstormsecurity.com/files/153620/Xymon-useradm-Command-Execution.html
- https://sourceforge.net/p/xymon/code/7892/
- https://sourceforge.net/p/xymon/code/7890/