CVE-2016-2057
EUVD-2016-316213.04.2016, 16:59
lib/xymond_ipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use weak permissions (666) for an unspecified IPC message queue, which allows local users to inject arbitrary messages by writing to that queue.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| xymon | xymon | 4.1.0 |
| xymon | xymon | 4.1.1 |
| xymon | xymon | 4.1.2 |
| xymon | xymon | 4.1.2:p1 |
| xymon | xymon | 4.1.2:p2 |
| xymon | xymon | 4.2:alfa |
| xymon | xymon | 4.2:beta20060605 |
| xymon | xymon | 4.2:rc20060712 |
| xymon | xymon | 4.2.0 |
| xymon | xymon | 4.2.2 |
| xymon | xymon | 4.2.2:rc1 |
| xymon | xymon | 4.2.3 |
| xymon | xymon | 4.2.3:rc1 |
| xymon | xymon | 4.3.0 |
| xymon | xymon | 4.3.0:beta1 |
| xymon | xymon | 4.3.0:beta2 |
| xymon | xymon | 4.3.0:beta3 |
| xymon | xymon | 4.3.0:rc1 |
| xymon | xymon | 4.3.1 |
| xymon | xymon | 4.3.2 |
| xymon | xymon | 4.3.3 |
| xymon | xymon | 4.3.4 |
| xymon | xymon | 4.3.5 |
| xymon | xymon | 4.3.6 |
| xymon | xymon | 4.3.7 |
| xymon | xymon | 4.3.8 |
| xymon | xymon | 4.3.9 |
| xymon | xymon | 4.3.10 |
| xymon | xymon | 4.3.11 |
| xymon | xymon | 4.3.12 |
| xymon | xymon | 4.3.13 |
| xymon | xymon | 4.3.14 |
| xymon | xymon | 4.3.15 |
| xymon | xymon | 4.3.16 |
| xymon | xymon | 4.3.17 |
| xymon | xymon | 4.3.18 |
| xymon | xymon | 4.3.19 |
| xymon | xymon | 4.3.19:rc1 |
| xymon | xymon | 4.3.20 |
| xymon | xymon | 4.3.21 |
| xymon | xymon | 4.3.22 |
| xymon | xymon | 4.3.23 |
| xymon | xymon | 4.3.24 |
| debian | debian_linux | 8.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Common Weakness Enumeration
References