QwikSec

Security Database

CVE

CWE

Training

CVE-2005-2148

Published: Jul 6, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

Cacti 0.8.6e and earlier does not perform proper input validation to protect against common attacks, which allows remote attackers to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the attack string in the URL, which causes the get_request_var function to return the wrong value in the $_REQUEST variable, which is cleansed while the original malicious $_GET value remains unmodified, as demonstrated in (1) graph_image.php and (2) graph.php.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch

x_refsource_CONFIRM

cacti-request-array-command-execution(21270)

vdb-entry

x_refsource_XF

http://www.hardened-php.net/advisory-032005.php

x_refsource_MISC

20050702 Advisory 04/2005: Cacti Remote Command Execution Vulnerability

mailing-list

x_refsource_BUGTRAQ

20050702 Advisory 03/2005: Cacti Multiple SQL Injection Vulnerabilities [FIXED]

mailing-list

x_refsource_BUGTRAQ

[cacti-announce] 20050701 Cacti 0.8.6f Released

mailing-list

x_refsource_MLIST

cacti-graph-post-cookie-sql-injection(21266)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_VUPEN

vendor-advisory

x_refsource_DEBIAN

vdb-entry

x_refsource_BID

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_SECTRACK

vdb-entry

x_refsource_BID

http://www.hardened-php.net/advisory-042005.php

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.