CVE-2017-6188

Опубликовано: 22 фев. 2017

Источник: debian

Описание

Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting any file accessible to the www-data user.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
munin	fixed	2.0.31-1		package

Примечания

https://github.com/munin-monitoring/munin/issues/721

Связанные уязвимости

CVE-2017-6188

CVSS3: 5.5

ubuntu

почти 9 лет назад

Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting any file accessible to the www-data user.

CVE-2017-6188

CVSS3: 5.5

nvd

почти 9 лет назад

Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting any file accessible to the www-data user.

openSUSE-SU-2017:0621-1

suse-cvrf

почти 9 лет назад

Security update for munin

GHSA-vpvg-79jp-cjw8

CVSS3: 5.5

github

больше 3 лет назад

Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting any file accessible to the www-data user.