SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CVE

CVE-2012-4678

munin-cgi-graph for Munin 2.0 rc4 does not delete temporary files, which allows remote attackers to cause a denial of service (disk consumption) via many requests to an image with unique parameters.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL

Reference:

BID-53034

http://www.openwall.com/lists/oss-security/2012/04/16/5

http://www.openwall.com/lists/oss-security/2012/04/16/6

http://www.openwall.com/lists/oss-security/2012/04/18/2

http://www.openwall.com/lists/oss-security/2012/04/19/4

http://www.openwall.com/lists/oss-security/2012/04/19/3

http://www.openwall.com/lists/oss-security/2012/04/19/5

http://www.openwall.com/lists/oss-security/2012/04/27/7

http://www.openwall.com/lists/oss-security/2012/04/29/2

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668667

http://munin-monitoring.org/changeset/4825

https://bugzilla.redhat.com/show_bug.cgi?id=812889


30430



423868



247862



909



194603



282