SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionJ.C. Cleaver reports :
- CVE-2016-2054: Buffer overflow in xymond handling of 'config' command
- CVE-2016-2055: Access to possibly confidential files in the Xymon configuration directory
- CVE-2016-2056: Shell command injection in the 'useradm' and 'chpasswd' web applications
- CVE-2016-2057: Incorrect permissions on IPC queues used by the xymond daemon can bypass IP access filtering
SolutionUpdate the affected package.