[Secure-testing-team] Bug#717895: xymon: remote file deletion vulnerability
Salvatore Bonaccorso
carnil at debian.org
Fri Jul 26 08:19:52 UTC 2013
Package: xymon
Severity: important
Tags: security upstream
Hi Christoph
According to [1] xymon is vulnerable to ta file deletion
vulnerability, which I have not further investigated. Forwarding this
to the BTS. At first glance the impact is limited (according to
mitigation factors section).
Upstream commit fixing this issue is in r7199[2].
[1] http://www.securityfocus.com/archive/1/527534/30/0/threaded
[2] http://sourceforge.net/p/xymon/code/7199/
Regards,
Salvatore
More information about the Secure-testing-team
mailing list