Rejected reason: gmetad in Ganglia 3.1.1, when supporting multiple requests per connection on an interactive port, allows remote attackers to cause a denial of service via a request to the gmetad service with a path that does not exist, which causes Ganglia to (1) perform excessive CPU computation and (2) send the entire tree, which consumes network bandwidth. NOTE: the vendor and original researcher have disputed this issue, since legitimate requests can generate the same amount of resource consumption. CVE concurs with the dispute, so this identifier should not be used
CVSS
No CVSS.
References
No reference.
Configurations
No configuration.
History
07 Nov 2023, 02:03
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | Rejected reason: gmetad in Ganglia 3.1.1, when supporting multiple requests per connection on an interactive port, allows remote attackers to cause a denial of service via a request to the gmetad service with a path that does not exist, which causes Ganglia to (1) perform excessive CPU computation and (2) send the entire tree, which consumes network bandwidth. NOTE: the vendor and original researcher have disputed this issue, since legitimate requests can generate the same amount of resource consumption. CVE concurs with the dispute, so this identifier should not be used |
Information
Published : 2009-01-21 11:30
Updated : 2024-02-28 11:21
NVD link : CVE-2009-0242
Mitre link : CVE-2009-0242
CVE.ORG link : CVE-2009-0242
JSON object : View
Products Affected
No product.
CWE
No CWE.