CVE-2013-2131 Information

Description

Format string vulnerability in the rrdtool module 1.4.7 for Python as used in Zenoss allows context-dependent attackers to cause a denial of service (crash) via format string specifiers to the rrdtool.graph function.

Reference

http://www.openwall.com/lists/oss-security/2013/04/18/5 http://www.openwall.com/lists/oss-security/2013/05/19/5 http://www.openwall.com/lists/oss-security/2013/05/31/2 https://bugzilla.redhat.com/show_bug.cgi?id=969296 https://github.com/oetiker/rrdtool-1.x/issues/396 https://github.com/oetiker/rrdtool-1.x/pull/397