[Secure-testing-commits] r39549 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Feb 8 20:19:46 UTC 2016


Author: carnil
Date: 2016-02-08 20:19:46 +0000 (Mon, 08 Feb 2016)
New Revision: 39549

Modified:
   data/CVE/list
Log:
Add xymon CVEs (CVE-2016-205{4,5,6,7,8})

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-02-08 20:01:36 UTC (rev 39548)
+++ data/CVE/list	2016-02-08 20:19:46 UTC (rev 39549)
@@ -599,14 +599,24 @@
 	RESERVED
 CVE-2016-2058
 	RESERVED
-CVE-2016-2057
+	- xymon 4.3.25-1
+	NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
+CVE-2016-2057 [Incorrect permissions on IPC queues used by the xymond daemon can bypass IP access filtering]
 	RESERVED
-CVE-2016-2056
+	- xymon 4.3.25-1
+	NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
+CVE-2016-2056 [Shell command injection in the "useradm" and "chpasswd" web applications]
 	RESERVED
-CVE-2016-2055
+	- xymon 4.3.25-1
+	NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
+CVE-2016-2055 [Access to possibly confidential files in the Xymon configuration directory]
 	RESERVED
-CVE-2016-2054
+	- xymon 4.3.25-1
+	NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
+CVE-2016-2054 [Buffer overflow in xymond handling of "config" command]
 	RESERVED
+	- xymon 4.3.25-1
+	NOTE: http://lists.xymon.com/pipermail/xymon/2016-February/042986.html
 CVE-2016-2052 (Multiple unspecified vulnerabilities in HarfBuzz before 1.0.6, as used ...)
 	TODO: check
 CVE-2016-2051 (Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, ...)




More information about the Secure-testing-commits mailing list