Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-2131

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2013-2131
Last Modified 19 May 2015 12:22:43
Published 04 Jan 2015 04:59:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-2131

Summary

Format string vulnerability in the rrdtool module 1.4.7 for Python, as used in Zenoss, allows context-dependent attackers to cause a denial of service (crash) via format string specifiers to the rrdtool.graph function.

Vulnerable Systems

Application

  • Oetiker%2bpartner Ag Rrdtool 1.4.7

  • Rrdtool Project Rrdtool 1.4.7


References

MISC - https://github.com/oetiker/rrdtool-1.x/pull/397

MISC - https://github.com/oetiker/rrdtool-1.x/issues/396

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=969296

MLIST - [oss-security] 20130531 Re: plone, rrdtool, zenoss bugs

MLIST - [oss-security] 20130419 Re: plone, rrdtool, zenoss bugs

MLIST - [oss-security] 20130418 plone, rrdtool, zenoss bugs


Last Updated: 27 May 2016 11:08:48