Munin Resource Monitoring < 2.0.6 Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 6948

Synopsis

The remote web server is running a resource monitoring tool.

Description

Munin is a networked resource monitoring tool. Versions of Munin prior to 2.0.6 are affected by the following vulnerabilities:

- The qmailscan plugin allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names (CVE-2012-2103).
- Munin stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin (CVE-2012-3512).
- munin-cgi-graph, when running as a CGI module under Apache, allows remote attackers to load new configurations and create files in arbitrary directories via the logdir command (CVE-2012-3513).

Solution

Update the affected munin, munin-master and/or munin-node packages to 2.0.6-1 or the latest release.

See Also

http://munin-monitoring.org/ticket/1238

http://munin-monitoring.org/ticket/1234

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668778

Plugin Details

Severity: Medium

ID: 6948

File Name: 6948.prm

Family: Web Servers

Published: 2013/07/26

Modified: 2016/06/17

Dependencies: 1442

Nessus ID: 66117

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 4.3

Temporal Score: 3.2

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 5.3

Temporal Score: 4.6

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Vulnerability Information

Patch Publication Date: 2013/02/26

Vulnerability Publication Date: 2013/02/26

Reference Information

CVE: CVE-2012-2103, CVE-2012-3512, CVE-2012-3513

BID: 53031, 55698, 56398