FKIE_CVE-2010-4336
Vulnerability from fkie_nvd - Published: 2010-12-17 19:00 - Updated: 2025-04-11 00:51
Severity ?
Summary
The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd 4.x before 4.9.4 and before 4.10.2 allow remote attackers to cause a denial of service (assertion failure) via a packet with a timestamp whose value is 10 or less, as demonstrated by creating RRD files using the (1) RRDtool and (2) RRDCacheD plugins.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:collectd:collectd:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FA919F-B3E9-481A-BEEE-4FD59D998818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E11AE71-A925-4CCF-BBF5-81181A7A0D7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "470AD925-7D0B-49CE-9AC4-798ED2123606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "077BA406-0428-4A98-97A1-81A742737837",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E3A08C70-F809-4B7B-8F47-C8E3A96F2DDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20D839EA-1E54-4290-8BB2-DBD478E5A411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "00105CB1-F6B9-4CE2-B6D5-4A822F522818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BA673AD5-D6E0-4078-84E9-30A0ADF3A70F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "19B3EF91-E0C1-42A3-A704-B46BD05881A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "BE4AFF5D-4955-45B6-9AFD-92781FEDADAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DFE2D25B-B17B-4A4D-882A-3F837CFBD8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22C2BDFF-86E8-4489-BC22-38FD9D692BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "45E4255A-18D1-439D-A8EA-3644F5F55F08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "20977ED3-11DA-434A-9D23-C40466134589",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5548E00B-FF33-4315-89FD-80E3E557E159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A81D9BD1-B875-4DA8-AC87-C223F33E7753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "05BC4340-058A-42E4-B65D-2777690C1D84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ED18A199-8391-43EF-82D2-37B2E5CAC37C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D219E916-2CDE-4A7E-97B9-890CBD2A486F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A15A71D3-5EB3-408B-90A9-8CD65DA7AA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAAE341-4764-463A-A123-C7E51AE529A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "57773A8A-E37D-4216-802C-E051330AC9A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1AABA2E6-D745-417A-9CD6-43C66222F9C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E4D28CC3-097D-4D7E-87B2-858182E21B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC72481-9DF8-4FD8-89BD-99E4E7374EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EF273925-B6CE-49B5-A563-B46202479D3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1F450634-D0D6-4B76-B573-54AE15C05A46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8C035333-64E2-41D4-8A85-EEC7546ADA97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "676E05CA-97AB-47E0-BF3B-36AA5A25B09F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B21A50CE-6972-4DB7-BA3C-60C1CA966208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "65484AAC-BA2A-4BE0-A987-03BDDE3ECAB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "131CF206-E9E4-425D-B58A-64C2B3D69993",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5797BFD5-AF3C-4088-98D5-04DBC7D268B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EFFCBA03-EBCA-42BB-9E51-F57D8ECCC7EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0ADE70-D953-4162-BAE6-80C7C8A33326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "37B2CEC7-578F-49AE-B79D-7DB915D95530",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "936641B5-074B-4FAE-AFE8-61E1B9E56E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "557FAA65-030A-4150-ADCB-CFD483A1AC99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "89D102E9-EA11-496E-8195-85E2D873FE2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9E342C7B-8D37-4344-9CDA-735EAE176883",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "61896971-A5FD-4EB3-9ECC-98F260C5FF15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3E359E7F-66C0-43EE-BD3A-C9E1F9832766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "38429C54-0F44-4D05-BCB3-5EC3D44A018D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2F535544-040D-4740-97BA-BB2880183744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "96627C68-5D1A-4289-8A73-B609F57CB55F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2939380E-339D-40B4-B884-EB8918C70CE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F4E1C89C-0ECD-494D-8343-F327AA0E2303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8CDB24-885E-4222-9B63-1AB3047F1B44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7894337C-EF2B-47AE-ABBF-AA117AB511BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FF33A06F-CB4C-4263-880A-55F57078E354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0AB6D4DE-DF7D-4C16-8BD7-00EBD3C590E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "71DD56DD-6ABF-4DE2-A0A3-97EA3CE81B9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CA18EF95-EBCB-4D39-9EB6-CDEF1BEAF190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76F815A1-19CF-4FD6-AD94-843D67DF61DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1034A9A6-5A0E-408B-8747-BCF30F1C4949",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D21C29D6-8272-4EA7-A32C-9BB06F814C29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "628AE364-86C5-48A9-8373-896E649AC72D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "66A53339-683F-4414-A6D8-87E1443F1218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0DAF267B-DCD7-4A30-9871-997B04EBAC11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F430691B-D4CA-4478-976C-39EDEC734074",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C6F67506-9D98-475D-BB83-3A2AF2673A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F4FDFB4E-ADE6-4A30-AE51-E0DAE980DEA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1A3DD4C0-ADA9-493A-9062-F5BD0F5FD2AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2DDD070-FE0C-4BF3-87B3-A3D71D19D540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:collectd:collectd:4.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "04790B8F-47B9-4C25-9F4C-4EEE9C5432C9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd 4.x before 4.9.4 and before 4.10.2 allow remote attackers to cause a denial of service (assertion failure) via a packet with a timestamp whose value is 10 or less, as demonstrated by creating RRD files using the (1) RRDtool and (2) RRDCacheD plugins."
},
{
"lang": "es",
"value": "La funci\u00f3n cu_rrd_create_file (src/utils_rrdcreate.c) en collectd v4.x anterior a v4.9.4 y anterior a v4.10.2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (fallo) a trav\u00e9s de un paquete con un sellado de tiempo cuyo valor es de 10 o menos, como lo demuestra la creaci\u00f3n de archivos RRD mediante la (1) RRDtool y (2) pluggins RRDCacheD.\r\n"
}
],
"id": "CVE-2010-4336",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-12-17T19:00:22.887",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605092"
},
{
"source": "secalert@redhat.com",
"url": "http://collectd.org/news.shtml#news86"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052875.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42393"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42491"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/42846"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2010/dsa-2133"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/45075"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3196"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2011/0041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://collectd.org/news.shtml#news86"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052875.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/42846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2010/dsa-2133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45075"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3196"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0041"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…