Directory traversal vulnerability in the trend-data daemon (xymond_rrd) in Xymon 4.x prior to 4.3.12 allows remote malicious users to delete arbitrary files via a .. (dot dot) in the host name in a "drophost" command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xymon xymon 4.3.0 |
||
xymon xymon 4.2.2 |
||
xymon xymon 4.0.2 |
||
xymon xymon 4.0 |
||
xymon xymon 4.1.2 |
||
xymon xymon 4.1.1 |
||
xymon xymon 4.1.0 |
||
xymon xymon 4.0.4 |
||
xymon xymon |
||
xymon xymon 4.2.3 |
||
xymon xymon 4.2.0 |
||
xymon xymon 4.0.3 |
||
xymon xymon 4.0.1 |