CVE-2012-3512
Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin.
| Software | From | Fixed in |
|---|---|---|
| munin-monitoring / munin | 2.0.2 | 2.0.2.x |
| munin-monitoring / munin | 2.0-beta3 | 2.0-beta3.x |
| munin-monitoring / munin | 2.0-beta4 | 2.0-beta4.x |
| munin-monitoring / munin | 2.0-rc3 | 2.0-rc3.x |
| munin-monitoring / munin | 2.0-beta5 | 2.0-beta5.x |
| munin-monitoring / munin | 2.0.1 | 2.0.1.x |
| munin-monitoring / munin | - | 2.0.5.x |
| munin-monitoring / munin | 2.0-rc5 | 2.0-rc5.x |
| munin-monitoring / munin | 2.0-beta2 | 2.0-beta2.x |
| munin-monitoring / munin | 2.0-beta7 | 2.0-beta7.x |
| munin-monitoring / munin | 2.0-rc6 | 2.0-rc6.x |
| munin-monitoring / munin | 2.0-rc1 | 2.0-rc1.x |
| munin-monitoring / munin | 2.0.0 | 2.0.0.x |
| munin-monitoring / munin | 2.0-beta1 | 2.0-beta1.x |
| munin-monitoring / munin | 2.0-rc7 | 2.0-rc7.x |
| munin-monitoring / munin | 2.0.3 | 2.0.3.x |
| munin-monitoring / munin | 2.0-rc2 | 2.0-rc2.x |
| munin-monitoring / munin | 2.0-rc4 | 2.0-rc4.x |
| munin-monitoring / munin | 2.0-beta6 | 2.0-beta6.x |
| munin-monitoring / munin | 2.0.4 | 2.0.4.x |
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684075
- http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086375.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088239.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088260.html
- http://www.munin-monitoring.org/ticket/1234
- http://www.openwall.com/lists/oss-security/2012/08/21/1
- http://www.securityfocus.com/bid/55698
- http://www.ubuntu.com/usn/USN-1622-1
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime