Candidate: CVE-2009-0242
PublicDate: 2009-01-21 11:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0242
Description:
 ** REJECT **  gmetad in Ganglia 3.1.1, when supporting multiple requests
 per connection on an interactive port, allows remote attackers to cause a
 denial of service via a request to the gmetad service with a path that does
 not exist, which causes Ganglia to (1) perform excessive CPU computation
 and (2) send the entire tree, which consumes network bandwidth.  NOTE: the
 vendor and original researcher have disputed this issue, since legitimate
 requests can generate the same amount of resource consumption.  CVE concurs
 with the dispute, so this identifier should not be used.
Ubuntu-Description:
Notes:
 jdstrand> per Debian, only affects 3.1.1 branch, currently in experimental under different name
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_ganglia-monitor-core:
upstream_ganglia-monitor-core: needs-triage
dapper_ganglia-monitor-core: not-affected
gutsy_ganglia-monitor-core: not-affected
hardy_ganglia-monitor-core: not-affected
intrepid_ganglia-monitor-core: not-affected
devel_ganglia-monitor-core: not-affected