CVE-2017-6188 - log back

CVE-2017-6188 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary file overwrite
Description
+ A vulnerability in munin allows attackers to overwrite any file accessible to the webserver user by setting multiple upper_limit GET parameters when CGI graphs are enabled.
References
+ https://www.debian.org/security/2017/dsa-3794
+ https://github.com/munin-monitoring/munin/pull/797/commits/42ce18f24d3eae8be33526a198bf21e4f2330230
Notes