CVE-2009-0242

Name: CVE-2009-0242
Creator: NVD / NIST
Published: 2009-01-21T11:30:04.233+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

Unknown

Last modified Nov 7, 2023

CVE-2009-0242 is a vulnerability of currently unknown severity. Rejected reason: gmetad in Ganglia 3.1.1, when supporting multiple requests per connection on an interactive port, allows remote attackers to cause a denial of service via a request to the gmetad service with a path that does not exist, which causes Ganglia to (1) perform excessive CPU computation and (2) send the entire tree, which consumes network bandwidth. NOTE: the vendor and original researcher have disputed this issue, since legitimate requests can generate the same amount of resource consumption.

Description

Rejected reason: gmetad in Ganglia 3.1.1, when supporting multiple requests per connection on an interactive port, allows remote attackers to cause a denial of service via a request to the gmetad service with a path that does not exist, which causes Ganglia to (1) perform excessive CPU computation and (2) send the entire tree, which consumes network bandwidth. NOTE: the vendor and original researcher have disputed this issue, since legitimate requests can generate the same amount of resource consumption. CVE concurs with the dispute, so this identifier should not be used

Timeline

Published: Jan 21, 2009
Last Modified: Nov 7, 2023
Status: Rejected

Frequently Asked Questions

What is CVE-2009-0242?

How severe is CVE-2009-0242?

Severity scoring for CVE-2009-0242 is pending analysis.

How do I fix CVE-2009-0242?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2009-0242?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST