← Back

CVE-2012-3512

nvd nist
Published: Nov 21, 2012Modified: Apr 29, 2026

JSON object

Loading...
7.2
Vector
AV:L/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 3.9 / Impact: 10.0
Source: NVD

Description

Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin.

Affected (20)

Munin Monitoring
1 product
Munin
Configuration A
20 vulnerable
Vulnerable SoftwareAffected Versions
Munin Monitoring
Munin
Up to 2.0.5
Munin
Version 2.0-beta1
Munin
Version 2.0-beta2
Munin
Version 2.0-beta3
Munin
Version 2.0-beta4
Munin
Version 2.0-beta5
Munin
Version 2.0-beta6
Munin
Version 2.0-beta7
Munin
Version 2.0-rc1
Munin
Version 2.0-rc2
Munin
Version 2.0-rc3
Munin
Version 2.0-rc4
Munin
Version 2.0-rc5
Munin
Version 2.0-rc6
Munin
Version 2.0-rc7
Munin
Version 2.0.0
Munin
Version 2.0.1
Munin
Version 2.0.2
Munin
Version 2.0.3
Munin
Version 2.0.4

Related CWEs

CWE-264
CWE-264

References (16)

Source: secalert@redhat.com
Exploit
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
ExploitVendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.