CVE-2009-0242 Detail
Rejected
This vulnerability has been rejected by the source.
Description
** REJECT ** gmetad in Ganglia 3.1.1, when supporting multiple requests per connection on an interactive port, allows remote attackers to cause a denial of service via a request to the gmetad service with a path that does not exist, which causes Ganglia to (1) perform excessive CPU computation and (2) send the entire tree, which consumes network bandwidth. NOTE: the vendor and original researcher have disputed this issue, since legitimate requests can generate the same amount of resource consumption. CVE concurs with the dispute, so this identifier should not be used.
Source:
MITRE
Description Last Modified:
12/15/2016
References to Advisories, Solutions, and Tools
By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because
they may have information that would be of interest to you. No inferences should be drawn on account of other sites
being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose.
NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further,
NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about
this page to nvd@nist.gov.
Change History
3 change records found
- show changes
CVE Modified by MITRE -
12/15/2016 9:59:02 PM
| Action |
Type |
Old Value |
New Value |
| Changed |
Description |
Record truncated, showing 500 of 572 characters.
View Entire Change Record
** REJECT ** gmetad in Ganglia 3.1.1, when supporting multiple requests per connection on an interactive port, allows remote attackers to cause a denial of service via a request to the gmetad service with a path does not exist, which causes Ganglia to (1) perform excessive CPU computation and (2) send the entire tree, which consumes network bandwidth. NOTE: the vendor and original researcher have disputed this issue, since legitimate requests can generate the same amount of resource consumptio |
Record truncated, showing 500 of 577 characters.
View Entire Change Record
** REJECT ** gmetad in Ganglia 3.1.1, when supporting multiple requests per connection on an interactive port, allows remote attackers to cause a denial of service via a request to the gmetad service with a path that does not exist, which causes Ganglia to (1) perform excessive CPU computation and (2) send the entire tree, which consumes network bandwidth. NOTE: the vendor and original researcher have disputed this issue, since legitimate requests can generate the same amount of resource consu |
CVE Translated -
5/6/2015 3:45:01 AM
| Action |
Type |
Old Value |
New Value |
| Added |
Translation |
|
Record truncated, showing 500 of 736 characters.
View Entire Change Record
** RECHAZADA** gmetad en Ganglia 3.1.1, cuando soporta múltiples solicitudes por conexión en un puerto interactivo, permite a atacantes remotos causar una denegación de servicio a través de una solicitud al servicio gmetad con una ruta que no existe, lo que causa que Ganglia (1) realiza el consumo de CPU excesivo y (2) envíe el árbol entero, lo que consume el ancho de banda de la red. NOTA: el proveedor y el investigador original |
| Removed |
Translation |
Ganglia v3.1.1 permite a atacantes remotos provocar una denegación de servicio a través de una petición al servicio gmetad con una ruta que no existe, lo que provoca que Ganglia (1) realice un consumo de CPU excesivo y (2) envíe el árbol completo, lo que consume ancho de banda de la red. |
|
Initial CVE Analysis -
1/21/2009 12:30:00 PM
Quick Info
CVE Dictionary Entry:
CVE-2009-0242
NVD Published Date:
01/21/2009
NVD Last Modified:
12/15/2016
|