Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA764] DSA-764-1 cacti

Vulnerability Assessment Details

[DSA764] DSA-764-1 cacti
Vulnerability Assessment Summary
DSA-764-1 cacti

Detailed Explanation for this Vulnerability Assessment

Several vulnerabilities have been discovered in cacti, a round-robin
database (RRD) tool that helps create graphs from database
information. The Common Vulnerabilities and Exposures Project
identifies the following problems:
Maciej Piotr Falkiewicz and an anonymous researcher discovered an
input validation bug that permits a possible hacker to include arbitrary
PHP code from remote sites which will permit the execution of
arbitrary code on the server running cacti.
Due to missing input validation cacti permits a remote attacker to
insert arbitrary SQL statements.
Maciej Piotr Falkiewicz discovered an input validation bug that
permits a possible hacker to include arbitrary PHP code from remote sites
which will permit the execution of arbitrary code on the server
running cacti.
Stefan Esser discovered that the update for the above mentioned
vulnerabilities does not perform proper input validation to
protect against common attacks.
Stefan Esser discovered that the update for CVE-2005-1525 permits
remote attackers to modify session information to gain rights
and disable the use of addslashes to protect against SQL
injection.
For the old stable distribution (woody) these problems have been fixed in
version 0.6.7-2.5.
For the stable distribution (sarge) these problems have been fixed in
version 0.8.6c-7sarge2.
For the unstable distribution (sid) these problems have been fixed in
version 0.8.6f-2.
We recommend that you upgrade your cacti package.


Solution : http://www.debian.org/security/2005/dsa-764
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is (C) 2007 Michel Arboi
Cables, Connectors


OEM 130W Charger For Dell XPS 15 9530 9550 9560 9570 7590 06TTY6 Power Adapter picture

OEM 130W Charger For Dell XPS 15 9530 9550 9560 9570 7590 06TTY6 Power Adapter

$35.99


M1MYR Dell OEM 130W AC Adapter 4.5mm Small Tip 4 Precision 5520 5530 M20 4MFJT picture

M1MYR Dell OEM 130W AC Adapter 4.5mm Small Tip 4 Precision 5520 5530 M20 4MFJT

$18.04


NEW OEM Dell Inspiron 14 5406 P126G Laptop Battery 11.25V 40Wh JK6Y6 CF5RH picture

NEW OEM Dell Inspiron 14 5406 P126G Laptop Battery 11.25V 40Wh JK6Y6 CF5RH

$37.00


OEM Dell Inspiron 11 13 14 15 17 3000 5000 7000 AC Adapter Charger 65W 4.5mm Tip picture

OEM Dell Inspiron 11 13 14 15 17 3000 5000 7000 AC Adapter Charger 65W 4.5mm Tip

$10.99


Genuine OEM Dell 90W Laptop Charger AC Adapter 19.5V 4.62A 50-60 Hz white tip picture

Genuine OEM Dell 90W Laptop Charger AC Adapter 19.5V 4.62A 50-60 Hz white tip

$8.74


OEM 130W USB-C Type-C Charger for Dell XPS 15 9500 9570 9575 17 9700 DA130PM170 picture

OEM 130W USB-C Type-C Charger for Dell XPS 15 9500 9570 9575 17 9700 DA130PM170

$35.88


Genuine OEM 65W Dell PA-12 AC Adapter Charger 928G4 06TM1C LA65NS2-01 7.4*5.0mm picture

Genuine OEM 65W Dell PA-12 AC Adapter Charger 928G4 06TM1C LA65NS2-01 7.4*5.0mm

$14.99


Dell OEM Latitude 12 Rugged 7214 / 7204  Touchscreen LCD Complete Assembly picture

Dell OEM Latitude 12 Rugged 7214 / 7204  Touchscreen LCD Complete Assembly

$39.00


Genuine OEM 42wh YRDD6 Battery For Dell Inspiron 3493 3582 3583 3584 7586 3793 picture

Genuine OEM 42wh YRDD6 Battery For Dell Inspiron 3493 3582 3583 3584 7586 3793

$32.89


Discussions

No Discussions have been posted on this vulnerability.