CVE-2019-13455

Sažetak

In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of   expansion in acknowledge.c.

Reference

https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/acknowledge.c
https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html
https://lists.xymon.com/archive/2019-July/046570.html

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

24-08-2020 - 17:37

Objavljeno

27-08-2019 - 17:15