[Xymon] Xymon 4.3.12 released

henrik at hswn.dk henrik at hswn.dk
Tue Jul 30 14:40:46 CEST 2013


On 30.07.2013 14:01, Bill Arlofski wrote:
> I noticed in the CVE link provided the following:
>
> --[snip]--
>> If access to administrative commands is limited by use of the
>> "--admin-senders" option for the "xymond" daemon, then the attack
>> is restricted to the commands sent from the IP-addresses listed in
>> the --admin-senders access list. However, the default
>> configuration permits these commands to be sent from any IP.
> --[snip]--
>
> However, I checked several Xymon and Hobbit installations that we manage and
> each of them has the --admin-senders=127.0.0.1,$BBSERVERIP (for hobbit) and
> --admin-senders=127.0.0.1,$XYMONSERVERIP (for xymon) set.
>
> I know for a fact that these settings were not manually added to the xymond
> daemon CMDs on our servers, so this appears to be the default, which means
> that by default Xymon (and Hobbit) systems are "not vulnerable."

Several people have pointed this out to me - I was mistaken when I 
wrote the vulnerability notice for Bugtraq. You are correct that the 
default installation is not vulnerable.


Regards,
Henrik