cgi-bin/munin-cgi-graph in Munin 2.x writes data to a log file without sanitizing non-printable characters, which might allow user-assisted remote attackers to inject terminal emulator escape sequences and execute arbitrary commands or delete arbitrary files via a crafted HTTP request.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2012-08-26T21:00:00
Updated: 2024-08-06T19:26:07.600Z
Reserved: 2012-04-04T00:00:00
Link: CVE-2012-2104
Vulnrichment
No data.
NVD
Status : Modified
Published: 2012-08-26T21:55:01.717
Modified: 2018-10-23T21:29:00.323
Link: CVE-2012-2104
Redhat
No data.