Описание
Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.0.2-1ubuntu3 |
| hardy | ignored | end of life |
| lucid | released | 1.4.4-1ubuntu1.2 |
| natty | ignored | end of life |
| oneiric | released | 1.4.5-3ubuntu4.11.10.2 |
| precise | released | 1.4.6-3ubuntu3.3 |
| quantal | released | 2.0.2-1ubuntu2.2 |
| upstream | released | 2.0.6~git-1 |
Показывать по
EPSS
7.2 High
CVSS2
Связанные уязвимости
Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin.
Munin before 2.0.6 stores plugin state files that run as root in the s ...
Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin.
EPSS
7.2 High
CVSS2