In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter.
CPE | Name | Operator | Version |
---|---|---|---|
debian_linux | eq | 8.0 | |
xymon | le | 4.3.28 |