Pandora FMS: Authentication Bypass and Multiple Input Validation Vulnerabilities 

Users of Pandora FMS please be advised of an Authentication Bypass and Multiple Input Validation Vulnerabilities that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

Pandora-SA-11/30/2010: Pandora FMS Authentication Bypass and Multiple Input Validation Vulnerabilities
Pandora FMS Authentication Bypass and Multiple Input Validation
Vulnerabilities

CVE IDs in this security advisory:

1) Authentication bypass – CVE-2010-4279
2) OS Command Injection – CVE-2010-4278
3) SQL Injection – CVE-2010-4280
4) Blind SQL Injection – CVE-2010-4280
5) Path Traversal – CVE-2010-4281 – CVE-2010-4282 – CVE-2010-4283

Read more at http://www.criticalwatch.com