CVE-2016-2057
13.04.2016, 16:59
lib/xymond_ipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use weak permissions (666) for an unspecified IPC message queue, which allows local users to inject arbitrary messages by writing to that queue.Enginsight
| Vendor | Product | Version |
|---|---|---|
| xymon | xymon | 4.1.0 |
| xymon | xymon | 4.1.1 |
| xymon | xymon | 4.1.2 |
| xymon | xymon | 4.1.2:p1 |
| xymon | xymon | 4.1.2:p2 |
| xymon | xymon | 4.2:alfa |
| xymon | xymon | 4.2:beta20060605 |
| xymon | xymon | 4.2:rc20060712 |
| xymon | xymon | 4.2.0 |
| xymon | xymon | 4.2.2 |
| xymon | xymon | 4.2.2:rc1 |
| xymon | xymon | 4.2.3 |
| xymon | xymon | 4.2.3:rc1 |
| xymon | xymon | 4.3.0 |
| xymon | xymon | 4.3.0:beta1 |
| xymon | xymon | 4.3.0:beta2 |
| xymon | xymon | 4.3.0:beta3 |
| xymon | xymon | 4.3.0:rc1 |
| xymon | xymon | 4.3.1 |
| xymon | xymon | 4.3.2 |
| xymon | xymon | 4.3.3 |
| xymon | xymon | 4.3.4 |
| xymon | xymon | 4.3.5 |
| xymon | xymon | 4.3.6 |
| xymon | xymon | 4.3.7 |
| xymon | xymon | 4.3.8 |
| xymon | xymon | 4.3.9 |
| xymon | xymon | 4.3.10 |
| xymon | xymon | 4.3.11 |
| xymon | xymon | 4.3.12 |
| xymon | xymon | 4.3.13 |
| xymon | xymon | 4.3.14 |
| xymon | xymon | 4.3.15 |
| xymon | xymon | 4.3.16 |
| xymon | xymon | 4.3.17 |
| xymon | xymon | 4.3.18 |
| xymon | xymon | 4.3.19 |
| xymon | xymon | 4.3.19:rc1 |
| xymon | xymon | 4.3.20 |
| xymon | xymon | 4.3.21 |
| xymon | xymon | 4.3.22 |
| xymon | xymon | 4.3.23 |
| xymon | xymon | 4.3.24 |
| debian | debian_linux | 8.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Common Weakness Enumeration
References