In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c.
References
Link | Resource |
---|---|
https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c | Third Party Advisory |
https://lists.xymon.com/archive/2019-July/046570.html | Mailing List Release Notes Vendor Advisory |
https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html | Third Party Advisory |
Information
Published : 2019-08-27 10:15
Updated : 2020-08-24 10:37
NVD link : CVE-2019-13485
Mitre link : CVE-2019-13485
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
debian
- debian_linux
xymon
- xymon