Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2005-2148 | First vendor Publication | 2005-07-06 |
| Vendor | Cve | Last vendor Modification | 2017-07-11 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 7.5 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Cacti 0.8.6e and earlier does not perform proper input validation to protect against common attacks, which allows remote attackers to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the attack string in the URL, which causes the get_request_var function to return the wrong value in the $_REQUEST variable, which is cleansed while the original malicious $_GET value remains unmodified, as demonstrated in (1) graph_image.php and (2) graph.php. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2148 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-01-17 | Name : Debian Security Advisory DSA 764-1 (cacti) File : nvt/deb_764_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 17721 | Cacti SQL Injection Filter Bypass Cacti contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the user input filters that were added to the Cacti 0.8.6e codebase to address the possible SQL Injections, which were wrongly implemented and can be tricked to let injection attacks through. This may allow an attacker to perform multiple SQL injections, which may allow exploitation to gain administrative privileges and perform arbitrary SQL queries. These attacks require that "register_globals" is enabled. |
| 17720 | Cacti rrdtool Sanity Check Bypass Arbitrary Command Execution |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | cacti graph_image SQL injection attempt RuleID : 8716 - Revision : 7 - Type : SERVER-WEBAPP |
| 2014-01-10 | cacti graph_image SQL injection attempt RuleID : 8715 - Revision : 7 - Type : SERVER-WEBAPP |
| 2014-01-10 | cacti graph_image SQL injection attempt RuleID : 8714 - Revision : 7 - Type : SERVER-WEBAPP |
| 2014-01-10 | cacti graph_image SQL injection attempt RuleID : 8713 - Revision : 7 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2015-03-03 | Name : The remote web server is running a PHP application that is affected by multip... File : cacti_086f_vcheck.nasl - Type : ACT_GATHER_INFO |
| 2005-07-21 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-764.nasl - Type : ACT_GATHER_INFO |
| 2005-07-05 | Name : The remote web server is running a PHP application that is affected by an aut... File : cacti_086f.nasl - Type : ACT_ATTACK |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2021-05-04 12:03:03 |
|
| 2021-04-22 01:03:19 |
|
| 2020-05-23 00:16:40 |
|
| 2017-07-11 12:01:57 |
|
| 2016-04-26 13:38:40 |
|
| 2015-03-04 13:24:59 |
|
| 2014-02-17 10:32:01 |
|
| 2014-01-19 21:22:49 |
|
| 2013-05-11 11:28:25 |
|
