I saw this pass by on my RSS feeds, not sure if you guys are aware of these yet?
* http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0241 "Stack-based buffer overflow in the process_path function in gmetad/server.c in Ganglia 3.1.1 allows remote attackers to cause a denial of service (crash) via a request to the gmetad service with a long pathname." * http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0242 "Ganglia 3.1.1 allows remote attackers to cause a denial of service via a request to the gmetad service with a path does not exist, which causes Ganglia to (1) perform excessive CPU computation and (2) send the entire tree, which consumes network bandwidth." - Ramon. -- R. Bastiaans, B.ICT :: Systems Programmer, HPC&V SARA :: Computing and Networking Services Science Park 121 PO Box 94613 1098 XG Amsterdam NL 1090 GP Amsterdam NL P.+31 (0)20 592 3000 F.+31 (0)20 668 3167
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------------ This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword
_______________________________________________ Ganglia-developers mailing list Ganglia-developers@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ganglia-developers