7.2
CVE-2012-3512
- EPSS 0.59%
- Veröffentlicht 21.11.2012 23:55:01
- Zuletzt bearbeitet 16.06.2026 23:43:22
- CVE-Watchlists
- Unerledigt
Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Munin-monitoring ≫ Munin Version <= 2.0.5
Munin-monitoring ≫ Munin Version2.0-beta1
Munin-monitoring ≫ Munin Version2.0-beta2
Munin-monitoring ≫ Munin Version2.0-beta3
Munin-monitoring ≫ Munin Version2.0-beta4
Munin-monitoring ≫ Munin Version2.0-beta5
Munin-monitoring ≫ Munin Version2.0-beta6
Munin-monitoring ≫ Munin Version2.0-beta7
Munin-monitoring ≫ Munin Version2.0-rc1
Munin-monitoring ≫ Munin Version2.0-rc2
Munin-monitoring ≫ Munin Version2.0-rc3
Munin-monitoring ≫ Munin Version2.0-rc4
Munin-monitoring ≫ Munin Version2.0-rc5
Munin-monitoring ≫ Munin Version2.0-rc6
Munin-monitoring ≫ Munin Version2.0-rc7
Munin-monitoring ≫ Munin Version2.0.0
Munin-monitoring ≫ Munin Version2.0.1
Munin-monitoring ≫ Munin Version2.0.2
Munin-monitoring ≫ Munin Version2.0.3
Munin-monitoring ≫ Munin Version2.0.4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.59% | 0.435 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
http://www.ubuntu.com/usn/USN-1622-1
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684075
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086375.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088239.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088260.html
http://www.munin-monitoring.org/ticket/1234
http://www.openwall.com/lists/oss-security/2012/08/21/1
http://www.securityfocus.com/bid/55698