Signature Detail

Short Name	HTTP:MISC:GRAPHITE-RCE
Severity	High
Recommended	Yes
Recommended Action	Drop
Category	HTTP
Keywords	Graphite Web Unsafe Pickle Handling Remote Code Execution
Release Date	2013/11/26
Update Number	2322
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Graphite Web Unsafe Pickle Handling Remote Code Execution

This signature detects attempts to exploit a known vulnerability in Graphite. A successful attack can lead to arbitrary code execution.

Extended Description

The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object.

Affected Products

graphite_project graphite 0.9.10
graphite_project graphite 0.9.5
graphite_project graphite 0.9.6
graphite_project graphite 0.9.7
graphite_project graphite 0.9.8
graphite_project graphite 0.9.9

References

BugTraq: 61894
CVE: CVE-2013-5093

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Graphite Web Unsafe Pickle Handling Remote Code Execution

Extended Description

Affected Products

References