U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2009-0242

Change History

CVE Modified by MITRE 12/15/2016 9:59:02 PM

Action Type Old Value New Value
Changed Description
** REJECT **  gmetad in Ganglia 3.1.1, when supporting multiple requests per connection on an interactive port, allows remote attackers to cause a denial of service via a request to the gmetad service with a path does not exist, which causes Ganglia to (1) perform excessive CPU computation and (2) send the entire tree, which consumes network bandwidth.  NOTE: the vendor and original researcher have disputed this issue, since legitimate requests can generate the same amount of resource consumption.  CVE concurs with the dispute, so this identifier should not be used.
** REJECT **  gmetad in Ganglia 3.1.1, when supporting multiple requests per connection on an interactive port, allows remote attackers to cause a denial of service via a request to the gmetad service with a path that does not exist, which causes Ganglia to (1) perform excessive CPU computation and (2) send the entire tree, which consumes network bandwidth.  NOTE: the vendor and original researcher have disputed this issue, since legitimate requests can generate the same amount of resource consumption.  CVE concurs with the dispute, so this identifier should not be used.