7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.731 High
EPSS
Percentile
98.1%
Secunia reports:
Spike Spiegel has discovered a vulnerability in Ganglia which
can be exploited by malicious people to compromise a
vulnerable system. The vulnerability is caused due to a
boundary error within the process_path function in
gmetad/server.c. This can be exploited to cause a stack-based
buffer overflow by e.g. sending a specially crafted message to
the gmetad service.
The vulnerability is confirmed in version 3.1.1. Other
versions may also be affected.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | ganglia-monitor-core | < 3.1.1 | UNKNOWN |
FreeBSD | any | noarch | ganglia-monitor-webfrontend | < 3.1.1 | UNKNOWN |