PT-2012-3837 · Munin · Munin
Kurt Seifried
·
Published
2012-08-26
·
Updated
2024-06-15
·
CVE-2012-2147
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Munin version 2.0 rc4
Description
The issue allows remote attackers to cause a denial of service, resulting in disk or memory consumption, by making many image requests with large values in the
size x or size y parameters to the munin-cgi-graph component.Recommendations
For Munin version 2.0 rc4, consider restricting access to the munin-cgi-graph component to minimize the risk of exploitation, and avoid using large values in the
size x or size y parameters until the issue is resolved.Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Munin