CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
91.9%
munin-cgi-graph in Munin 2.0 rc4 allows remote attackers to cause a denial
of service (disk or memory consumption) via many image requests with large
values in the (1) size_x or (2) size_y parameters.
Author | Note |
---|---|
mdeslaur | reproducer in debian bug 1.x doesn’t support size_x and size_y |