[Xymon] Xymon 4.3.29 Released - Important Security Update
Axel Beckert
abe at debian.org
Wed Jul 24 15:54:44 CEST 2019
Hi,
On Tue, Jul 23, 2019 at 08:57:49AM -0700, Japheth Cleaver wrote:
> Although some of these overflows are not exploitable, others, including an
> XSS vulnerability are.
[...
> CVE-2019-13451, CVE-2019-13452, CVE-2019-13455, CVE-2019-13473,
> CVE-2019-13474, CVE-2019-13484, CVE-2019-13485, CVE-2019-13486
Can either you or Graham get a bit more into the details regarding the
impact of any of these vulnerabilities — or point out a posting where
they are explained in more detail? So far I wasn't able to dig up any
posting or similar, e.g. by the Cambridge CSIRT or Graham.
Currently the severity as well as the actual impact of these issues is
quite unclear — also because the CVE-IDs all still say "RESERVED".
Regards, Axel
--
,''`. | Axel Beckert <abe at debian.org>, https://people.debian.org/~abe/
: :' : | Debian Developer, ftp.ch.debian.org Admin
`. `' | 4096R: 2517 B724 C5F6 CA99 5329 6E61 2FF9 CD59 6126 16B5
`- | 1024D: F067 EA27 26B9 C3FC 1486 202E C09E 1D89 9593 0EDE
More information about the Xymon
mailing list