FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ganglia -- buffer overflow vulnerability

Affected packages
ganglia-monitor-core < 3.1.1
ganglia-monitor-webfrontend < 3.1.1

Details

VuXML ID b9077cc4-6d04-4bcb-a37a-9ceaebfdcc9e
Discovery 2009-01-26
Entry 2009-01-30
Modified 2009-01-30

Secunia reports:

Spike Spiegel has discovered a vulnerability in Ganglia which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the process_path function in gmetad/server.c. This can be exploited to cause a stack-based buffer overflow by e.g. sending a specially crafted message to the gmetad service.

The vulnerability is confirmed in version 3.1.1. Other versions may also be affected.

References

CVE Name CVE-2009-0241
URL http://secunia.com/advisories/33506