225 matches found
USN-3215-2: Munin regression
USN-3215-1 fixed a vulnerability in Munin. The upstream patch caused a regression leading to errors being appended to the log file. This update fixes the problem. Original advisory details: It was discovered that Munin incorrectly handled CGI graphs. A remote attacker could use this issue to...
USN-3215-2 munin regression
USN-3215-1 fixed a vulnerability in Munin. The upstream patch caused a regression leading to errors being appended to the log file. This update fixes the problem. Original advisory details: It was discovered that Munin incorrectly handled CGI graphs. A remote attacker could use this issue to...
[SECURITY] [DLA 836-2] munin regression update
Package : munin Version : 2.0.6-4+deb7u4 Debian Bug : 856455 856536 The update for munin issued as DLA-836-1 caused a regression in the zooming functionality in munin-cgi-graph. Updated packages are now available to correct this issue. For reference, the original advisory text follows. Stevie...
DSA-3794-3 munin - regression update
Bulletin has no description...
Ubuntu 14.04 LTS : Munin vulnerability (USN-3215-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3215-1 advisory. It was discovered that Munin incorrectly handled CGI graphs. A remote attacker could use this issue to overwrite arbitrary files as the www-data user. Tenable has...
DLA-836-2 munin - regression update
Bulletin has no description...
Ubuntu: Security Advisory (USN-3215-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3215-1: Munin vulnerability
It was discovered that Munin incorrectly handled CGI graphs. A remote attacker could use this issue to overwrite arbitrary files as the www-data user...
USN-3215-1 munin vulnerability
It was discovered that Munin incorrectly handled CGI graphs. A remote attacker could use this issue to overwrite arbitrary files as the www-data user...
[SECURITY] [DSA 3794-2] munin regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3794-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 02, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3794-2] munin regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3794-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 02, 2017 https://www.debian.org/security/faq -...
DSA-3794-2 munin - regression update
Bulletin has no description...
Debian DSA-3794-1 : munin - security update
Stevie Trujillo discovered a local file write vulnerability in munin, a network-wide graphing framework, when CGI graphs are enabled. GET parameters are not properly handled, allowing to inject options into munin-cgi-graph and overwriting any file accessible by the user running the cgi-process...
Debian DLA-836-2 : munin regression update
The update for munin issued as DLA-836-1 caused a regression in the zooming functionality in munin-cgi-graph. Updated packages are now available to correct this issue. For reference, the original advisory text follows. Stevie Trujillo discovered a command injection vulnerability in munin, a...
[SECURITY] [DSA 3794-1] munin security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3794-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 25, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3794-1] munin security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3794-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 25, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DLA 836-1] munin security update
Package : munin Version : 2.0.6-4+deb7u3 CVE ID : CVE-2017-6188 Debian Bug : 855705 Stevie Trujillo discovered a command injection vulnerability in munin, a network-wide graphing framework. The CGI script for drawing graphs allowed to pass arbitrary GET parameters to local shell command, allowing...
Debian Security Advisory DSA 3794-1 (munin - security update)
Stevie Trujillo discovered a local file write vulnerability in munin, a network-wide graphing framework, when CGI graphs are enabled. GET parameters are not properly handled, allowing to inject options into munin-cgi-graph and overwriting any file accessible by the user running the cgi-process...
DSA-3794-1 munin - security update
Bulletin has no description...
DLA-836-1 munin - security update
Bulletin has no description...