225 matches found
SUSE CVE-2012-2147
munin-cgi-graph in Munin 2.0 rc4 allows remote attackers to cause a denial of service disk or memory consumption via many image requests with large values in the 1 sizex or 2 sizey parameters...
SUSE CVE-2012-3512
Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart plugin...
SUSE CVE-2013-6048
The getgrouptree function in lib/Munin/Master/HTMLConfig.pm in Munin before 2.0.18 allows remote nodes to cause a denial of service infinite loop and memory consumption in the munin-html process via crafted multigraph data...
SUSE CVE-2013-6359
Munin::Master::Node in Munin before 2.0.18 allows remote attackers to cause a denial of service abort data collection for node via a plugin that uses "multigraph" as a multigraph service name...
SUSE CVE-2017-6188
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...
Mageia: Security Advisory (MGASA-2017-0101)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2013-0378)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Unauthorized Access Vulnerability in Munin
Munin is a great easy to install and setup monitoring software that monitors core system resources including memory, disk, CPU usage, server applications such as MySQL, Apache, and Squid, and more. Munin suffers from an unauthorized access vulnerability that can be exploited by attackers to obtai...
CVE-2019-3694
A Symbolic Link Symlink Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root. This issue affects: openSUSE Factory munin version 2.0.49-4.2 and prior versions. openSUSE Leap 15.1 munin version 2.0.40-lp151.1.1...
CVE-2019-3694
A Symbolic Link Symlink Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root. This issue affects: openSUSE Factory munin version 2.0.49-4.2 and prior versions. openSUSE Leap 15.1 munin version 2.0.40-lp151.1.1...
Design/Logic Flaw
A Symbolic Link Symlink Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root. This issue affects: openSUSE Factory munin version 2.0.49-4.2 and prior versions. openSUSE Leap 15.1 munin version 2.0.40-lp151.1.1...
CVE-2019-3694 Local privilege escalation from munin to root in the packaging of munin
A Symbolic Link Symlink Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root. This issue affects: openSUSE Factory munin version 2.0.49-4.2 and prior versions. openSUSE Leap 15.1 munin version 2.0.40-lp151.1.1...
CVE-2019-3694
CVE-2019-3694 is a local privilege-escalation due to a Symbolic Link (Symlink) Following issue in the packaging of openSUSE Munin. Affected: openSUSE Factory Munin 2.0.49-4.2 and prior versions openSUSE Leap 15.1 Munin 2.0.40-lp151.1.1 and prior versionsRoot cause: vulnerable packaging workflow a...
PT-2020-10913 · Opensuse · Munin
Name of the Vulnerable Software and Affected Versions: openSUSE Factory munin versions 2.0.49-4.2 and prior versions openSUSE Leap 15.1 munin versions 2.0.40-lp151.1.1 and prior versions Description: A Symbolic Link Symlink Following issue in the packaging of munin allows local attackers to...
CVE-2017-18470
cPanel before 62.0.4 has a fixed password for the Munin MySQL test account SEC-196...
CVE-2017-18470
cPanel before 62.0.4 has a fixed password for the Munin MySQL test account SEC-196...
Default credentials
cPanel before 62.0.4 has a fixed password for the Munin MySQL test account SEC-196...
CVE-2017-18470
cPanel before 62.0.4 has a fixed password for the Munin MySQL test account SEC-196...
CVE-2017-18470
CVE-2017-18470 affects cPanel prior to 62.0.4, where the Munin MySQL test account used a fixed password. Red Hat and NVD entries corroborate this description. Impact stated in sources centers on credential exposure due to a fixed/default credential for the Munin test account; no additional exploi...
[ASA-201905-1] munin: arbitrary file overwrite
Arch Linux Security Advisory ASA-201905-1 ========================================= Severity: High Date : 2019-05-06 CVE-ID : CVE-2017-6188 Package : munin Type : arbitrary file overwrite Remote : Yes Link : https://security.archlinux.org/AVG-953 Summary ======= The package munin before version...