Xymon Alert Acknowledgment CGI Tool Stack-Based Buffer Overflow Vulnerability
A vulnerability in Xymon could allow an unauthenticated, remote attacker to access or modify data, or cause a denial of service (DoS) condition on an affected system.
The vulnerability is due to a stack-based buffer overflow condition in the acknowledgment CGI tool of the affected software and exists because of non-breaking space ( ) expansion in the acknowledge.c file. An attacker could exploit this vulnerability by submitting malicious input to the affected system. A successful exploit could allow the attacker to access or modify data, or cause a DoS condition.
Xymon has confirmed the vulnerability and released a software update.
Security Impact Rating: Critical