CVE-2013-2131

EUVD-2013-2099
Format string vulnerability in the rrdtool module 1.4.7 for Python, as used in Zenoss, allows context-dependent attackers to cause a denial of service (crash) via format string specifiers to the rrdtool.graph function.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 93%
Affected Products (NVD)
VendorProductVersion
rrdtool_projectrrdtool
1.4.7
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
rrdtool
bookworm
1.7.2-4
fixed
bullseye
1.7.2-3
fixed
sid
1.7.2-4.2
fixed
trixie
1.7.2-4.2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
rrdtool
artful
ignored
bionic
Fixed 1.7.0-1build1
released
cosmic
ignored
disco
ignored
eoan
ignored
focal
Fixed 1.7.2-3build1
released
groovy
ignored
hirsute
ignored
impish
Fixed 1.7.2-3build6
released
jammy
Fixed 1.7.2-3ubuntu5
released
kinetic
Fixed 1.7.2-3ubuntu5
released
lucid
ignored
lunar
Fixed 1.7.2-3ubuntu5
released
mantic
Fixed 1.7.2-3ubuntu5
released
noble
Fixed 1.7.2-3ubuntu5
released
precise
ignored
quantal
ignored
raring
ignored
saucy
ignored
trusty
needed
utopic
ignored
vivid
ignored
wily
ignored
xenial
Fixed 1.4.8-1
released
yakkety
ignored
zesty
ignored
Common Weakness Enumeration
References
http://www.openwall.com/lists/oss-security/2013/04/18/5
http://www.openwall.com/lists/oss-security/2013/05/19/5
http://www.openwall.com/lists/oss-security/2013/05/31/2
https://bugzilla.redhat.com/show_bug.cgi?id=969296
https://github.com/oetiker/rrdtool-1.x/issues/396
https://github.com/oetiker/rrdtool-1.x/pull/397
http://www.openwall.com/lists/oss-security/2013/04/18/5
http://www.openwall.com/lists/oss-security/2013/05/19/5
http://www.openwall.com/lists/oss-security/2013/05/31/2
https://bugzilla.redhat.com/show_bug.cgi?id=969296
https://github.com/oetiker/rrdtool-1.x/issues/396
https://github.com/oetiker/rrdtool-1.x/pull/397