Vulnerability CVE-2019-13452: Information
Description
In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c.
Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
xymon | sisyphus | 4.3.29-alt1 | 4.3.30-alt2 | ALT-PU-2019-2687-1 | 237473 | Fixed |
xymon | p10 | 4.3.29-alt1 | 4.3.30-alt2 | ALT-PU-2019-2687-1 | 237473 | Fixed |
xymon | p9 | 4.3.29-alt1 | 4.3.30-alt2 | ALT-PU-2019-2690-1 | 237513 | Fixed |
xymon | p8 | 4.3.30-alt2 | 4.3.30-alt2 | ALT-PU-2019-3189-1 | 237111 | Fixed |
xymon | c10f1 | 4.3.29-alt1 | 4.3.30-alt2 | ALT-PU-2019-2687-1 | 237473 | Fixed |
xymon | c9f2 | 4.3.29-alt1 | 4.3.30-alt2 | ALT-PU-2019-2690-1 | 237513 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/reportlog.c |
|
https://lists.xymon.com/archive/2019-July/046570.html |
|
https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html |
|