PT-2012-3837 · Munin · Munin
Kurt Seifried
·
Publicado
2012-08-26
·
Atualizado
2024-06-15
·
CVE-2012-2147
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Munin version 2.0 rc4
Description
The issue allows remote attackers to cause a denial of service, resulting in disk or memory consumption, by making many image requests with large values in the
size x or size y parameters to the munin-cgi-graph component.Recommendations
For Munin version 2.0 rc4, consider restricting access to the munin-cgi-graph component to minimize the risk of exploitation, and avoid using large values in the
size x or size y parameters until the issue is resolved.Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Munin