|
|
Subscribe / Log in / New account

munin: privilege escalation

Package(s):munin CVE #(s):CVE-2012-3512
Created:September 26, 2012 Updated:November 5, 2012
Description: From the Red Hat bugzilla:

Currently, plugins which run as root mix their state files in the same directory as non-root plugins. The state directory is owned by munin:munin and is group-writable. Because of these facts, it is possible for an attacker who operates as user munin to cause a root-run plugin to run arbitrary code as root.

Alerts:
Gentoo 201405-17 munin 2014-05-18
Mandriva MDVSA-2013:105 munin 2013-04-10
Mageia MGASA-2012-0358 munin 2012-12-11
Ubuntu USN-1622-1 munin 2012-11-05
Fedora FEDORA-2012-13649 munin 2012-09-26
Fedora FEDORA-2012-13683 munin 2012-09-26
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds