CVE-2016-2055

Name of the Vulnerable Software and Affected Versions xymond versions 4.1.x through 4.3.x before 4.3.25

Description The issue is related to a lack of protection for service data in the xymond component of the Debian GNU/Linux operating system. It allows a remote attacker to read arbitrary files in the configuration directory using the "config" command.

Recommendations For versions 4.1.x through 4.3.x before 4.3.25, update to version 4.3.25 or later to resolve the issue. As a temporary workaround, consider restricting access to the "config" command to minimize the risk of exploitation.