Vulnerability Details CVE-2012-3513
munin-cgi-graph in Munin before 2.0.6, when running as a CGI module under Apache, allows remote attackers to load new configurations and create files in arbitrary directories via the logdir command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.0%
CVSS Severity
CVSS v2 Score 9.3
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684076
- http://www.munin-monitoring.org/ticket/1238
- http://www.openwall.com/lists/oss-security/2012/08/21/1
- http://www.ubuntu.com/usn/USN-1622-1
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684076
- http://www.munin-monitoring.org/ticket/1238
- http://www.openwall.com/lists/oss-security/2012/08/21/1
- http://www.ubuntu.com/usn/USN-1622-1
Products affected by CVE-2012-3513
-
cpe:2.3:a:munin-monitoring:munin:2.0-beta1
-
cpe:2.3:a:munin-monitoring:munin:2.0-beta2
-
cpe:2.3:a:munin-monitoring:munin:2.0-beta3
-
cpe:2.3:a:munin-monitoring:munin:2.0-beta4
-
cpe:2.3:a:munin-monitoring:munin:2.0-beta5
-
cpe:2.3:a:munin-monitoring:munin:2.0-beta6
-
cpe:2.3:a:munin-monitoring:munin:2.0-beta7
-
cpe:2.3:a:munin-monitoring:munin:2.0-rc1
-
cpe:2.3:a:munin-monitoring:munin:2.0-rc2
-
cpe:2.3:a:munin-monitoring:munin:2.0-rc3
-
cpe:2.3:a:munin-monitoring:munin:2.0-rc4
-
cpe:2.3:a:munin-monitoring:munin:2.0-rc5
-
cpe:2.3:a:munin-monitoring:munin:2.0-rc6
-
cpe:2.3:a:munin-monitoring:munin:2.0-rc7
-
cpe:2.3:a:munin-monitoring:munin:2.0.0
-
cpe:2.3:a:munin-monitoring:munin:2.0.1
-
cpe:2.3:a:munin-monitoring:munin:2.0.2
-
cpe:2.3:a:munin-monitoring:munin:2.0.3
-
cpe:2.3:a:munin-monitoring:munin:2.0.4
-
cpe:2.3:a:munin-monitoring:munin:2.0.5