[hobbit] Hobbit monitor: Security issue with Hobbit 4.2-beta client

Henrik Stoerner henrik at hswn.dk
Fri Jun 30 23:14:52 CEST 2006


On Fri, Jun 30, 2006 at 02:30:47PM -0400, Jason Chambers wrote:
> Can you please verify this for me. This only affects if a user is able
> to login to the system, and not the services that may be installed on
> the computer. (ie ftp, web)

Correct. To exploit this, you must be able to create a file on the
system, and run the logfetch command with a special commandline option.


Regards,
Henrik




More information about the Xymon mailing list