Bug 1067166 (CVE-2017-16641)

Summary: VUL-0: CVE-2017-16641: cacti: lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands
Product: [openSUSE] openSUSE Distribution Reporter: Victor Pereira <vpereira>
Component: SecurityAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: aj, astieger, bitdealer, joop.boonen, liedke
Version: Leap 42.3   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/194635/
Whiteboard:
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Victor Pereira 2017-11-08 12:09:58 UTC 
CVE-2017-16641

lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to
execute arbitrary OS commands via the path_rrdtool parameter in an action=save
request to settings.php.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-16641
https://github.com/Cacti/cacti/issues/1057
Comment 1 David Liedke 2017-11-08 13:41:46 UTC 
Will be fixed in version 1.1.28.
Comment 3 Andreas Stieger 2017-11-20 09:08:42 UTC 
Maintenance submission:
https://build.opensuse.org/request/show/543578
Comment 4 Andreas Stieger 2017-11-22 19:44:59 UTC 
releasing, done
Comment 5 Swamp Workflow Management 2017-11-22 23:08:57 UTC 
openSUSE-SU-2017:3051-1: An update that fixes four vulnerabilities is now available.

Category: security (important)
Bug References: 1067163,1067164,1067166,1068028
CVE References: CVE-2017-16641,CVE-2017-16660,CVE-2017-16661,CVE-2017-16785
Sources used:
openSUSE Leap 42.3 (src):    cacti-1.1.28-29.1, cacti-spine-1.1.28-20.1
openSUSE Leap 42.2 (src):    cacti-1.1.28-16.13.1, cacti-spine-1.1.28-7.13.1
Comment 6 Swamp Workflow Management 2018-07-28 18:10:39 UTC 
This is an autogenerated message for OBS integration:
This bug (1067166) was mentioned in
https://build.opensuse.org/request/show/625957 Backports:SLE-12 / cacti
Comment 7 Swamp Workflow Management 2018-08-03 22:10:44 UTC 
openSUSE-OU-2018:2194-1: An update that fixes 33 vulnerabilities is now available.

Category: optional (low)
Bug References: 022564,1047512,1048102,1050950,1051633,1054390,1054742,1067163,1067164,1067166,1068028,1101024,1101139,837440,862993,867607,870821,872008,934187,937997,958863,958977,960678,965930,971357,974013
CVE References: CVE-2006-6799,CVE-2007-3112,CVE-2007-3113,CVE-2013-5588,CVE-2013-5589,CVE-2014-2326,CVE-2014-2327,CVE-2014-2328,CVE-2014-2708,CVE-2014-2709,CVE-2014-4000,CVE-2014-4002,CVE-2014-5025,CVE-2014-5026,CVE-2015-4342,CVE-2015-4634,CVE-2015-8369,CVE-2015-8377,CVE-2015-8604,CVE-2016-2313,CVE-2016-3172,CVE-2016-3659,CVE-2017-10970,CVE-2017-11163,CVE-2017-11691,CVE-2017-12065,CVE-2017-12927,CVE-2017-12978,CVE-2017-15194,CVE-2017-16641,CVE-2017-16660,CVE-2017-16661,CVE-2017-16785
Sources used:
SUSE Package Hub for SUSE Linux Enterprise 12 (src):    cacti-1.1.38-2.1