CVE-2012-3512
Published: 21 August 2012
Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin.
Notes
Author | Note |
---|---|
sbeattie | munin user/group to root escalation |
Priority
Status
Package | Release | Status |
---|---|---|
munin (Launchpad, Ubuntu, Debian) | hardy | Ignored (end of life) |
munin | lucid | Released (1.4.4-1ubuntu1.2) |
munin | natty | Ignored (end of life) |
munin | oneiric | Released (1.4.5-3ubuntu4.11.10.2) |
munin | precise | Released (1.4.6-3ubuntu3.3) |
munin | quantal | Released (2.0.2-1ubuntu2.2) |
munin | upstream | Released (2.0.6~git-1) |
Patches:
upstream: http://anonscm.debian.org/gitweb/?p=collab-maint/munin.git;a=commit;h=780634c4a48fc57b6631d644fca3649f1417d211
upstream: http://anonscm.debian.org/gitweb/?p=collab-maint/munin.git;a=commit;h=9f2643c4cb13a34deadfea8fb7e8a29fa54fdc8e
upstream: http://anonscm.debian.org/gitweb/?p=collab-maint/munin.git;a=commit;h=6183662a2b96c2c3b1b4cfc4b80ce28063d025c2
upstream: http://anonscm.debian.org/gitweb/?p=collab-maint/munin.git;a=commit;h=2b8d82e0c52ccdd79ca480788f7ef4d3325b4cb0