Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
munin-monitoring munin vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-6188
Munin prior to 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting any file accessible to the www-data user.
Munin-monitoring Munin
Debian Debian Linux 8.0
NA
CVE-2013-6048
The get_group_tree function in lib/Munin/Master/HTMLConfig.pm in Munin prior to 2.0.18 allows remote nodes to cause a denial of service (infinite loop and memory consumption in the munin-html process) via crafted multigraph data.
Munin-monitoring Munin 2.0.14
Munin-monitoring Munin 2.0.13
Munin-monitoring Munin 2.0.7
Munin-monitoring Munin 2.0.6
Munin-monitoring Munin 2.0.16
Munin-monitoring Munin 2.0.15
Munin-monitoring Munin 2.0.9
Munin-monitoring Munin 2.0.8
Munin-monitoring Munin 2.0.0
Munin-monitoring Munin
Munin-monitoring Munin 2.0.11.1
Munin-monitoring Munin 2.0.10
Munin-monitoring Munin 2.0.3
Munin-monitoring Munin 2.0.2
Munin-monitoring Munin 2.0.1
Munin-monitoring Munin 2.0.12
Munin-monitoring Munin 2.0.11
Munin-monitoring Munin 2.0.5
Munin-monitoring Munin 2.0.4
NA
CVE-2013-6359
Munin::Master::Node in Munin prior to 2.0.18 allows remote malicious users to cause a denial of service (abort data collection for node) via a plugin that uses "multigraph" as a multigraph service name.
Munin-monitoring Munin
Munin-monitoring Munin 2.0.16
Munin-monitoring Munin 2.0.10
Munin-monitoring Munin 2.0.9
Munin-monitoring Munin 2.0.2
Munin-monitoring Munin 2.0.1
Munin-monitoring Munin 2.0.11
Munin-monitoring Munin 2.0.11.1
Munin-monitoring Munin 2.0.4
Munin-monitoring Munin 2.0.3
Munin-monitoring Munin 2.0.13
Munin-monitoring Munin 2.0.12
Munin-monitoring Munin 2.0.6
Munin-monitoring Munin 2.0.5
Munin-monitoring Munin 2.0.15
Munin-monitoring Munin 2.0.14
Munin-monitoring Munin 2.0.8
Munin-monitoring Munin 2.0.7
Munin-monitoring Munin 2.0.0
NA
CVE-2012-3512
Munin prior to 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin.
Munin-monitoring Munin 2.0.4
Munin-monitoring Munin 2.0.3
Munin-monitoring Munin 2.0-rc4
Munin-monitoring Munin 2.0-rc3
Munin-monitoring Munin 2.0-beta1
Munin-monitoring Munin 2.0-rc2
Munin-monitoring Munin
Munin-monitoring Munin 2.0-rc6
Munin-monitoring Munin 2.0-rc5
Munin-monitoring Munin 2.0-beta3
Munin-monitoring Munin 2.0-beta2
Munin-monitoring Munin 2.0.0
Munin-monitoring Munin 2.0-rc7
Munin-monitoring Munin 2.0-beta5
Munin-monitoring Munin 2.0-beta4
Munin-monitoring Munin 2.0.2
Munin-monitoring Munin 2.0.1
Munin-monitoring Munin 2.0-rc1
Munin-monitoring Munin 2.0-beta7
Munin-monitoring Munin 2.0-beta6
NA
CVE-2012-3513
munin-cgi-graph in Munin prior to 2.0.6, when running as a CGI module under Apache, allows remote malicious users to load new configurations and create files in arbitrary directories via the logdir command.
Munin-monitoring Munin 2.0-beta7
Munin-monitoring Munin 2.0-beta6
Munin-monitoring Munin 2.0-beta5
Munin-monitoring Munin 2.0-beta4
Munin-monitoring Munin 2.0.4
Munin-monitoring Munin 2.0-rc5
Munin-monitoring Munin 2.0-rc3
Munin-monitoring Munin 2.0-beta2
Munin-monitoring Munin 2.0-rc2
Munin-monitoring Munin 2.0.2
Munin-monitoring Munin 2.0.1
Munin-monitoring Munin 2.0.0
Munin-monitoring Munin 2.0-rc7
Munin-monitoring Munin 2.0-rc6
Munin-monitoring Munin
Munin-monitoring Munin 2.0.3
Munin-monitoring Munin 2.0-rc4
Munin-monitoring Munin 2.0-rc1
Munin-monitoring Munin 2.0-beta3
Munin-monitoring Munin 2.0-beta1
NA
CVE-2012-2103
The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.
Munin-monitoring Munin 1.4.5
NA
CVE-2012-2104
cgi-bin/munin-cgi-graph in Munin 2.x writes data to a log file without sanitizing non-printable characters, which might allow user-assisted remote malicious users to inject terminal emulator escape sequences and execute arbitrary commands or delete arbitrary files via a crafted H...
Munin-monitoring Munin 2.0
Munin-monitoring Munin 2.1
1 EDB exploit
NA
CVE-2012-2147
munin-cgi-graph in Munin 2.0 rc4 allows remote malicious users to cause a denial of service (disk or memory consumption) via many image requests with large values in the (1) size_x or (2) size_y parameters.
Munin-monitoring Munin 2.0 Rc4
NA
CVE-2012-4678
munin-cgi-graph for Munin 2.0 rc4 does not delete temporary files, which allows remote malicious users to cause a denial of service (disk consumption) via many requests to an image with unique parameters.
Munin-monitoring Munin 2.0 Rc4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started