Stay Secure with the Latest Linux Advisories

security advisorydenial of serviceubuntu

Ubuntu: 2090-1 Moderately Severe: Munin DoS Threats and Fixes

Several security issues were fixed in Munin.. =========================================================================Ubuntu Security Notice USN-2090-1 January 27, 2014 munin vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 13.10 - Ubuntu 12.10 - Ubuntu 12.04 LTS Summary: Several security issues were fixed in Munin. Software Description: - munin: Network-wide graphing framework Details: Christoph Biedl discovered that Munin incorrectly handled certain multigraph data. A remote attacker could use this issue to cause Munin to consume resources, resulting in a denial of service. (CVE-2013-6048) Christoph Biedl discovered that Munin incorrectly handled certain multigraph service names. A remote attacker could use this issue to cause Munin to stop data collection, resulting in a denial of service. (CVE-2013-6359) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 13.10: munin 2.0.17-2ubuntu1.1 Ubuntu 12.10: munin 2.0.2-1ubuntu2.3 Ubuntu 12.04 LTS: munin 1.4.6-3ubuntu3.4 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-2090-1 CVE-2013-6048, CVE-2013-6359 Package Information: https://launchpad.net/ubuntu/+source/munin/2.0.17-2ubuntu1.1 https://launchpad.net/ubuntu/+source/munin/2.0.2-1ubuntu2.3 https://launchpad.net/ubuntu/+source/munin/1.4.6-3ubuntu3.4 . Ensure your Ubuntu systems are safeguarded from Munin vulnerabilities by identifying affected versions, updating repositories, and upgrading the package to the latest stable release. Ubuntu Security, Munin Fixes, Denial of Service. . LinuxSecurity.com Team

Jan 27, 2014 Ubuntu