CVE-2016-2054

Priority
Description
Multiple buffer overflows in xymond/xymond.c in xymond in Xymon 4.1.x,
4.2.x, and 4.3.x before 4.3.25 allow remote attackers to execute arbitrary
code or cause a denial of service (daemon crash) via a long filename,
involving handling a "config" command.
Notes
Package
Source: xymon (LP Ubuntu Debian)
Upstream:released (4.3.25-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needs-triage)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was needed)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.3.25-1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.3.25-1)
Ubuntu 19.10 (Eoan Ermine):not-affected (4.3.25-1)
More Information

Updated: 2020-03-18 22:43:48 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)