Executive Summary
| Summary | |
|---|---|
| Title | New cacti packages fix several vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | DSA-764 | First vendor Publication | 2005-07-21 |
| Vendor | Debian | Last vendor Modification | 2005-07-21 |
| Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Several vulnerabilities have been discovered in cacti, a round-robin database (RRD) tool that helps create graphs from database information. The Common Vulnerabilities and Exposures Project identifies the following problems: CAN-2005-1524 Maciej Piotr Falkiewicz and an anonymous researcher discovered an input validation bug that allows an attacker to include arbitrary PHP code from remote sites which will allow the execution of arbitrary code on the server running cacti. CAN-2005-1525 Due to mising input validation cacti allows a remote attacker to insert arbitrary SQL statements. CAN-2005-1526 Maciej Piotr Falkiewicz discovered an input validation bug that allows an attacker to include arbitrary PHP code from remote sites which will allow the execution of arbitrary code on the server running cacti. CAN-2005-2148 Stefan Esser discovered that the update for the abovely mentioned vulnerabilities does not perform proper input validation to protect against common attacks. CAN-2005-2149 Stefan Esser discovered that the update for CAN-2005-1525 allows remote attackers to modify session information to gain privileges and disable the use of addslashes to protect against SQL injection. For the old stable distribution (woody) these problems have been fixed in version 0.6.7-2.5. For the stable distribution (sarge) these problems have been fixed in version 0.8.6c-7sarge2. For the unstable distribution (sid) these problems have been fixed in version 0.8.6e-1. We recommend that you upgrade your cacti package. |
Original Source
| Url : http://www.debian.org/security/2005/dsa-764 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200506-20 (cacti) File : nvt/glsa_200506_20.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 764-1 (cacti) File : nvt/deb_764_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 17721 | Cacti SQL Injection Filter Bypass Cacti contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the user input filters that were added to the Cacti 0.8.6e codebase to address the possible SQL Injections, which were wrongly implemented and can be tricked to let injection attacks through. This may allow an attacker to perform multiple SQL injections, which may allow exploitation to gain administrative privileges and perform arbitrary SQL queries. These attacks require that "register_globals" is enabled. |
| 17720 | Cacti rrdtool Sanity Check Bypass Arbitrary Command Execution |
| 17719 | Cacti no_http_headers Session Variable Modification Remote Privilege Escalation Cacti contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an attacker uses the no_http_headers variable to bypass normal authentication, and gain administrative privileges. This flaw may lead to a loss of integrity. |
| 17426 | Cacti top_graph_header.php config Parameter Remote File Inclusion |
| 17425 | Cacti config_settings.php config Parameter Remote File Inclusion Cacti contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'config_settings.php' script not properly sanitizing user input supplied to the 'config[include_path]' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script. |
| 17424 | Cacti config_settings.php id Parameter SQL Injection Cacti contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'config_settings.php' script not properly sanitizing user-supplied input to the 'id' variable. This may allow an attacker to inject or manipulate SQL queries in the back-end database. |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | cacti graph_image SQL injection attempt RuleID : 8716 - Revision : 7 - Type : SERVER-WEBAPP |
| 2014-01-10 | cacti graph_image SQL injection attempt RuleID : 8715 - Revision : 7 - Type : SERVER-WEBAPP |
| 2014-01-10 | cacti graph_image SQL injection attempt RuleID : 8714 - Revision : 7 - Type : SERVER-WEBAPP |
| 2014-01-10 | cacti graph_image SQL injection attempt RuleID : 8713 - Revision : 7 - Type : SERVER-WEBAPP |
| 2014-01-10 | cacti graph_image arbitrary command execution attempt RuleID : 8712 - Revision : 7 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2015-03-03 | Name : The remote web server is running a PHP application that is affected by multip... File : cacti_086e_vcheck.nasl - Type : ACT_GATHER_INFO |
| 2015-03-03 | Name : The remote web server is running a PHP application that is affected by multip... File : cacti_086f_vcheck.nasl - Type : ACT_GATHER_INFO |
| 2005-07-21 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-764.nasl - Type : ACT_GATHER_INFO |
| 2005-07-05 | Name : The remote web server is running a PHP application that is affected by an aut... File : cacti_086f.nasl - Type : ACT_ATTACK |
| 2005-06-23 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200506-20.nasl - Type : ACT_GATHER_INFO |
| 2005-06-22 | Name : The remote web server is running a PHP application that is affected by a loca... File : cacti_086e.nasl - Type : ACT_ATTACK |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:34:11 |
|
