CVE-2013-6359

Publication date 13 December 2013

Last updated 24 July 2024

Munin::Master::Node in Munin before 2.0.18 allows remote attackers to cause a denial of service (abort data collection for node) via a plugin that uses "multigraph" as a multigraph service name.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
munin	13.10 saucy	Fixed 2.0.17-2ubuntu1.1
	13.04 raring	Ignored end of life
	12.10 quantal	Fixed 2.0.2-1ubuntu2.3
	12.04 LTS precise	Fixed 1.4.6-3ubuntu3.4
	10.04 LTS lucid	Ignored end of life

How can I get the fixes?
What do statuses mean?
Patch details

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
munin	Upstream: 00164f5

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-2090-1
Munin vulnerabilities
27 January 2014

Other references

http://www.debian.org/security/2013/dsa-2815
https://github.com/munin-monitoring/munin/blob/2.0.18/ChangeLog
https://www.cve.org/CVERecord?id=CVE-2013-6359