[Xymon] Xymon 4.3.29 Released - Important Security Update

Axel Beckert abe at debian.org
Wed Jul 24 15:54:44 CEST 2019


On Tue, Jul 23, 2019 at 08:57:49AM -0700, Japheth Cleaver wrote:
> Although some of these overflows are not exploitable, others, including an
> XSS vulnerability are.
>   CVE-2019-13451, CVE-2019-13452, CVE-2019-13455, CVE-2019-13473,
>   CVE-2019-13474, CVE-2019-13484, CVE-2019-13485, CVE-2019-13486

Can either you or Graham get a bit more into the details regarding the
impact of any of these vulnerabilities — or point out a posting where
they are explained in more detail? So far I wasn't able to dig up any
posting or similar, e.g. by the Cambridge CSIRT or Graham.

Currently the severity as well as the actual impact of these issues is
quite unclear — also because the CVE-IDs all still say "RESERVED".

		Regards, Axel
 ,''`.  |  Axel Beckert <abe at debian.org>, https://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-    |  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE

More information about the Xymon mailing list