Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2016-0177)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2016.0177

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2016-0177)

Resumen: The remote host is missing an update for the 'xymon' package(s) announced via the MGASA-2016-0177 advisory.

Descripción: Summary:
The remote host is missing an update for the 'xymon' package(s) announced via the MGASA-2016-0177 advisory.

Vulnerability Insight:
Updated xymon packages fix security vulnerabilities:

The incorrect handling of user-supplied input in the 'config' command can
trigger a stack-based buffer overflow, resulting in denial of service (via
application crash) or remote code execution (CVE-2016-2054).

The incorrect handling of user-supplied input in the 'config' command can
lead to an information leak by serving sensitive configuration files to a
remote user (CVE-2016-2055).

The commands handling password management do not properly validate
user-supplied input, and are thus vulnerable to shell command injection by a
remote user (CVE-2016-2056).

Incorrect permissions on an internal queuing system allow a user with a local
account on the xymon master server to bypass all network-based access control
lists, and thus inject messages directly into xymon (CVE-2016-2057).

Incorrect escaping of user-supplied input in status webpages can be used to
trigger reflected cross-site scripting attacks (CVE-2016-2058).

Note that to effectively fix CVE-2016-2055, the /etc/xymon/xymonpasswd
configuration file should be owned by user and group apache with 640
permissions.

Affected Software/OS:
'xymon' package(s) on Mageia 5.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-2054
Bugtraq: 20160214 Xymon: Critical security issues in all versions prior to 4.3.25 (Google Search)
http://www.securityfocus.com/archive/1/537522/100/0/threaded
Debian Security Information: DSA-3495 (Google Search)
http://www.debian.org/security/2016/dsa-3495
http://packetstormsecurity.com/files/135758/Xymon-4.3.x-Buffer-Overflow-Code-Execution-Information-Disclosure.html
http://lists.xymon.com/archive/2016-February/042986.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-2055
Common Vulnerability Exposure (CVE) ID: CVE-2016-2056
http://packetstormsecurity.com/files/153620/Xymon-useradm-Command-Execution.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-2057
Common Vulnerability Exposure (CVE) ID: CVE-2016-2058

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2016.0177
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2016-0177)
Resumen:	The remote host is missing an update for the 'xymon' package(s) announced via the MGASA-2016-0177 advisory.
Descripción:	Summary: The remote host is missing an update for the 'xymon' package(s) announced via the MGASA-2016-0177 advisory. Vulnerability Insight: Updated xymon packages fix security vulnerabilities: The incorrect handling of user-supplied input in the 'config' command can trigger a stack-based buffer overflow, resulting in denial of service (via application crash) or remote code execution (CVE-2016-2054). The incorrect handling of user-supplied input in the 'config' command can lead to an information leak by serving sensitive configuration files to a remote user (CVE-2016-2055). The commands handling password management do not properly validate user-supplied input, and are thus vulnerable to shell command injection by a remote user (CVE-2016-2056). Incorrect permissions on an internal queuing system allow a user with a local account on the xymon master server to bypass all network-based access control lists, and thus inject messages directly into xymon (CVE-2016-2057). Incorrect escaping of user-supplied input in status webpages can be used to trigger reflected cross-site scripting attacks (CVE-2016-2058). Note that to effectively fix CVE-2016-2055, the /etc/xymon/xymonpasswd configuration file should be owned by user and group apache with 640 permissions. Affected Software/OS: 'xymon' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-2054 Bugtraq: 20160214 Xymon: Critical security issues in all versions prior to 4.3.25 (Google Search) http://www.securityfocus.com/archive/1/537522/100/0/threaded Debian Security Information: DSA-3495 (Google Search) http://www.debian.org/security/2016/dsa-3495 http://packetstormsecurity.com/files/135758/Xymon-4.3.x-Buffer-Overflow-Code-Execution-Information-Disclosure.html http://lists.xymon.com/archive/2016-February/042986.html Common Vulnerability Exposure (CVE) ID: CVE-2016-2055 Common Vulnerability Exposure (CVE) ID: CVE-2016-2056 http://packetstormsecurity.com/files/153620/Xymon-useradm-Command-Execution.html Common Vulnerability Exposure (CVE) ID: CVE-2016-2057 Common Vulnerability Exposure (CVE) ID: CVE-2016-2058
Copyright	Copyright (C) 2022 Greenbone AG