Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4678

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-4678
Last Modified 27 Aug 2012 09:05:43
Published 26 Aug 2012 05:55:02
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4678

Summary

munin-cgi-graph for Munin 2.0 rc4 does not delete temporary files, which allows remote attackers to cause a denial of service (disk consumption) via many requests to an image with unique parameters.

Vulnerable Systems

Application

  • Munin-monitoring Munin 2.0 Rc4


References

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=812889

BID - 53034

MLIST - [oss-security] 20120429 Re: Bug#668667: CVE Request (minor) -- Two Munin graphing framework flaws

MLIST - [oss-security] 20120427 Re: Bug#668667: CVE Request (minor) -- Two Munin graphing framework flaws

MLIST - [oss-security] 20120419 Re: [Packaging] Bug#668667: CVE Request (minor) -- Two Munin graphing framework flaws

MLIST - [oss-security] 20120418 Re: Bug#668667: CVE Request (minor) -- Two Munin graphing framework flaws

MLIST - [oss-security] 20120418 Re: CVE Request (minor) -- Two Munin graphing framework flaws

MLIST - [oss-security] 20120417 Re: CVE Request (minor) -- Two Munin graphing framework flaws

MLIST - [oss-security] 20120416 Re: CVE Request (minor) -- Two Munin graphing framework flaws

MLIST - [oss-security] 20120416 CVE Request (minor) -- Two Munin graphing framework flaws

CONFIRM - http://munin-monitoring.org/changeset/4825

MISC - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668667


Last Updated: 27 May 2016 11:00:20