ganglia -- buffer overflow vulnerability

2009-01-26T00:00:00
ID B9077CC4-6D04-4BCB-A37A-9CEAEBFDCC9E
Type freebsd
Reporter FreeBSD
Modified 2009-01-30T00:00:00

Description

Secunia reports:

Spike Spiegel has discovered a vulnerability in Ganglia which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the process_path function in gmetad/server.c. This can be exploited to cause a stack-based buffer overflow by e.g. sending a specially crafted message to the gmetad service. The vulnerability is confirmed in version 3.1.1. Other versions may also be affected.