Lucene search
Ubuntu.comUB:CVE-2013-2131HistoryJan 04, 2015 - 12:00 a.m.
CVE-2013-2131
2015-01-0400:00:00
ubuntu.com
ubuntu.com
8
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.068 Low
EPSS
Percentile
93.9%
Format string vulnerability in the rrdtool module 1.4.7 for Python, as used
in Zenoss, allows context-dependent attackers to cause a denial of service
(crash) via format string specifiers to the rrdtool.graph function.
Bugs
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708866>
- <https://github.com/oetiker/rrdtool-1.x/issues/396>
- <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2131>
Notes
| Author | Note |
|---|---|
| rodrigo-zaiden | xenial was patched in release version 1.4.8-1, and later it was upgraded to the new upstream version 1.5 that already has the fix (no need to add an explict patch). Since then, every Ubuntu release already has the fix applied. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 18.04 | noarch | rrdtool | < 1.7.0-1build1 | UNKNOWN |
| ubuntu | 20.04 | noarch | rrdtool | < 1.7.2-3build1 | UNKNOWN |
| ubuntu | 21.10 | noarch | rrdtool | < 1.7.2-3build6 | UNKNOWN |
| ubuntu | 22.04 | noarch | rrdtool | < 1.7.2-3ubuntu5 | UNKNOWN |
| ubuntu | 22.10 | noarch | rrdtool | < 1.7.2-3ubuntu5 | UNKNOWN |
| ubuntu | 23.04 | noarch | rrdtool | < 1.7.2-3ubuntu5 | UNKNOWN |
| ubuntu | 23.10 | noarch | rrdtool | < 1.7.2-3ubuntu5 | UNKNOWN |
| ubuntu | 24.04 | noarch | rrdtool | < 1.7.2-3ubuntu5 | UNKNOWN |
| ubuntu | 14.04 | noarch | rrdtool | < any | UNKNOWN |
| ubuntu | 16.04 | noarch | rrdtool | < 1.4.8-1 | UNKNOWN |
Related
veracode
veracode
Denial Of Service (DoS)
2022-03-08 16:39:40
nessus
nessus
openSUSE Security Update : rrdtool (openSUSE-SU-2014:1646-1)
2014-12-16 00:00:00
openSUSE Security Update : rrdtool (openSUSE-2018-175)
2018-02-20 00:00:00
Fedora 19 : rrdtool-1.4.8-2.fc19 (2013-10288)
2013-07-12 00:00:00
cvelist
cvelist
CVE-2013-2131
2015-01-04 21:00:00
CVE-2014-6262
2020-02-12 01:30:20
cve
cve
CVE-2013-2131
2015-01-04 21:59:00
CVE-2014-6262
2020-02-12 02:15:10
fedora
fedora
[SECURITY] Fedora 18 Update: rrdtool-1.4.8-2.fc18
2013-06-18 01:29:42
[SECURITY] Fedora 19 Update: rrdtool-1.4.8-2.fc19
2013-06-18 06:22:55
prion
prion
Format string
2015-01-04 21:59:00
Format string
2020-02-12 02:15:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:0103-1)
2021-04-19 00:00:00
Fedora Update for rrdtool FEDORA-2013-10309
2013-06-18 00:00:00
Fedora Update for rrdtool FEDORA-2013-10309
2013-06-18 00:00:00
nvd
nvd
CVE-2013-2131
2015-01-04 21:59:00
CVE-2014-6262
2020-02-12 02:15:10
debiancve
debiancve
CVE-2013-2131
2015-01-04 21:59:00
CVE-2014-6262
2020-02-12 02:15:10
ubuntucve
ubuntucve
CVE-2014-6262
2020-02-12 00:00:00
debian
debian
[SECURITY] [DLA 2131-1] rrdtool security update
2020-03-01 20:41:30
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.068 Low
EPSS
Percentile
93.9%
Related for UB:CVE-2013-2131