CVE-2012-4678

Name of the Vulnerable Software and Affected Versions Munin version 2.0 rc4

Description The issue allows remote attackers to cause a denial of service, specifically disk consumption, by making many requests to an image with unique parameters. This is due to the munin-cgi-graph not deleting temporary files.

Recommendations For Munin version 2.0 rc4, consider implementing a mechanism to regularly delete temporary files generated by munin-cgi-graph to prevent disk consumption. As a temporary workaround, restrict access to the munin-cgi-graph functionality to minimize the risk of exploitation.