CVE-2012-3512

Name of the Vulnerable Software and Affected Versions Munin versions prior to 2.0.6

Description The issue allows local users to execute arbitrary code by replacing a state file. This can be demonstrated using the smart plugin, where a local user can replace a state file to achieve arbitrary code execution.

Recommendations For versions prior to 2.0.6, update to version 2.0.6 or later to resolve the issue. As a temporary workaround, consider restricting write access to the directory containing plugin state files to prevent local users from replacing state files.