ALT-PU-2015-1990-1
Closed vulnerabilities
Published: 2015-01-05
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2013-2131
Format string vulnerability in the rrdtool module 1.4.7 for Python, as used in Zenoss, allows context-dependent attackers to cause a denial of service (crash) via format string specifiers to the rrdtool.graph function.
Severity: MEDIUM (5.0)
References:
- [oss-security] 20130418 plone, rrdtool, zenoss bugs
- [oss-security] 20130418 plone, rrdtool, zenoss bugs
- [oss-security] 20130419 Re: plone, rrdtool, zenoss bugs
- [oss-security] 20130419 Re: plone, rrdtool, zenoss bugs
- [oss-security] 20130531 Re: plone, rrdtool, zenoss bugs
- [oss-security] 20130531 Re: plone, rrdtool, zenoss bugs
- https://bugzilla.redhat.com/show_bug.cgi?id=969296
- https://bugzilla.redhat.com/show_bug.cgi?id=969296
- https://github.com/oetiker/rrdtool-1.x/issues/396
- https://github.com/oetiker/rrdtool-1.x/issues/396
- https://github.com/oetiker/rrdtool-1.x/pull/397
- https://github.com/oetiker/rrdtool-1.x/pull/397