
Thursday, November 10, 2016

[FD] [CT-2016-1110] Unauthenticated RCE in Observium network monitor

############# Computest security advisory CT-2016-1110 ###############

Summary: Unauthenticated remote command execution as root
Affected software: Observium
Reference URL: https://computest.nl/advisories/CT-2016-1110_Observium.txt
Affected versions: Versions downloaded before 26-10-2016. (First affected version is not known)
Credit: Ronald Volgers (rvolgers@computest.nl)
Date of publication: 2016-11-10

During a recent penetration test Computest found and exploited various issues in Observium, going from unauthenticated user to full shell access as root. We reported these issues to the Observium project for the benefit of our customer and other members of the community.

This was not a full audit and further issues may or may not be present.

(Note about affected versions: The Observium project does not provide a way to download older releases for non-paying users, so there was no way to check whether these problems exist in older versions. All information given here applies to the latest Community Edition as of 2016-10-05.)

About Observium

Source: Gmail -> IFTTT-> Blogger
