21 matches found
EUVD-2017-15253
Malware in sbrugna...
SUSE CVE-2017-6188
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...
MGASA-2017-0101 Updated munin packages fix security vulnerability
Stevie Trujillo discovered a local file write vulnerability in munin, a network-wide graphing framework, when CGI graphs are enabled. GET parameters are not properly handled, allowing to inject options into munin-cgi-graph and overwriting any file accessible by the user running the cgi-process...
Ubuntu 14.04 LTS : Munin regression (USN-3215-2)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3215-2 advisory. USN-3215-1 fixed a vulnerability in Munin. The upstream patch caused a regression leading to errors being appended to the log file. This update fixes the problem...
[SECURITY] [DSA 3794-3] munin regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3794-3 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 03, 2017 https://www.debian.org/security/faq -...
USN-3215-2 munin regression
USN-3215-1 fixed a vulnerability in Munin. The upstream patch caused a regression leading to errors being appended to the log file. This update fixes the problem. Original advisory details: It was discovered that Munin incorrectly handled CGI graphs. A remote attacker could use this issue to...
Ubuntu: Security Advisory (USN-3215-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3215-1: Munin vulnerability
It was discovered that Munin incorrectly handled CGI graphs. A remote attacker could use this issue to overwrite arbitrary files as the www-data user...
USN-3215-1 munin vulnerability
It was discovered that Munin incorrectly handled CGI graphs. A remote attacker could use this issue to overwrite arbitrary files as the www-data user...
[SECURITY] [DSA 3794-2] munin regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3794-2 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 02, 2017 https://www.debian.org/security/faq -...
Debian DSA-3794-1 : munin - security update
Stevie Trujillo discovered a local file write vulnerability in munin, a network-wide graphing framework, when CGI graphs are enabled. GET parameters are not properly handled, allowing to inject options into munin-cgi-graph and overwriting any file accessible by the user running the cgi-process...
[SECURITY] [DSA 3794-1] munin security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3794-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 25, 2017 https://www.debian.org/security/faq -...
Design/Logic Flaw
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...
CVE-2017-6188
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...
CVE-2017-6188
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...
CVE-2017-6188
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...
CVE-2017-6188
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...
CVE-2017-6188
CVE-2017-6188 affects Munin prior to a fixed version where CGI graphs enabled allow a local file overwrite by abusing multiple upper_limit GET parameters. The vulnerability enables overwriting any file accessible to the webserver user (www-data). Public disclosures and advisories in connected doc...
CVE-2017-6188
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...
CVE-2017-6188
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...