[Xymon] Xymon 4.3.12 released
henrik at hswn.dk
Tue Jul 30 14:40:46 CEST 2013
On 30.07.2013 14:01, Bill Arlofski wrote:
> I noticed in the CVE link provided the following:
>
> --[snip]--
>> If access to administrative commands is limited by use of the
>> "--admin-senders" option for the "xymond" daemon, then the attack
>> is restricted to the commands sent from the IP-addresses listed in
>> the --admin-senders access list. However, the default
>> configuration permits these commands to be sent from any IP.
> --[snip]--
>
> However, I checked several Xymon and Hobbit installations that we manage and
> each of them has the --admin-senders=127.0.0.1,$BBSERVERIP (for hobbit) and
> --admin-senders=127.0.0.1,$XYMONSERVERIP (for xymon) set.
>
> I know for a fact that these settings were not manually added to the xymond
> daemon CMDs on our servers, so this appears to be the default, which means
> that by default Xymon (and Hobbit) systems are "not vulnerable."
Several people have pointed this out to me - I was mistaken when I
wrote the vulnerability notice for Bugtraq. You are correct that the
default installation is not vulnerable.
Regards,
Henrik