Launchpad CVE tracker

CVE 2010-4336

The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd 4.x before 4.9.4 and before 4.10.2 allow remote attackers to cause a denial of service (assertion failure) via a packet with a timestamp whose value is 10 or less, as demonstrated by creating RRD files using the (1) RRDtool and (2) RRDCacheD plugins.

Related bugs and status

CVE-2010-4336 (Candidate) is related to these bugs:

Bug #995234: Merge collectd 5.1.0-3 (universe) from Debian unstable (main)

Summary				In	Importance	Status
	995234	Merge collectd 5.1.0-3 (universe) from Debian unstable (main)		collectd (Ubuntu)	Undecided	Fix Released
	995234	Merge collectd 5.1.0-3 (universe) from Debian unstable (main)		collectd (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.securityfoc...
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: http://www.debian.org/...
MISC: http://lists.fedorapro...
MISC: http://lists.opensuse....
MISC: http://bugs.debian.org...
MISC: http://collectd.org/ne...

Launchpad.net

CVE 2010-4336

Related bugs and status

Related bugs

References