cbcvebase.
CVE-2012-2103
published 2012-08-26

CVE-2012-2103: The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.

PriorityP48low1.2CVSS 2.0
AVLACHAuNCNIPAN
EPSS
0.33%
24.9th percentile
The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.

Affected

6 ranges
VendorProductVersion rangeFixed in
debianmunin< munin 2.0~rc6-1 (bookworm)munin 2.0~rc6-1 (bookworm)
munin-monitoringmunin
munin-monitoringmunin>= 0 < 2.0~rc6-12.0~rc6-1
munin-monitoringmunin>= 0 < 2.0~rc6-12.0~rc6-1
munin-monitoringmunin>= 0 < 2.0~rc6-12.0~rc6-1
munin-monitoringmunin>= 0 < 2.0~rc6-12.0~rc6-1

CVSS provenance

nvdv2.01.2LOWAV:L/AC:H/Au:N/C:N/I:P/A:N
osv1.2LOW
vendor_debian1.2LOW
vendor_ubuntu1.2LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.