Bug 95513 (CVE-2005-2149) - VUL-0: CVE-2005-2149: cacti 0.8.6f released
Summary: VUL-0: CVE-2005-2149: cacti 0.8.6f released
Status: RESOLVED DUPLICATE of bug 91166
Alias: CVE-2005-2149
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other All
: P5 - None : Normal
Target Milestone: ---
Assignee: Matthias Eckermann
QA Contact: Security Team bot
URL:
Whiteboard: CVE-2005-2149: CVSS v2 Base Score: 10...
Keywords:
Depends on:
Blocks:
 
Reported: 2005-07-07 11:41 UTC by Marcus Meissner
Modified: 2021-11-09 09:50 UTC (History)
2 users (show)

See Also:
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2005-07-07 11:41:07 UTC 
Cacti version 0.8.6f has been released to address three security 
 vulnerabilities that have been disclosed by the PHP-Hardened Project. 
  
 It is recommended that all users upgrade immediately. A patch containing 
 only the security fixes has been provided for both Cacti versions 0.8.6d 
 and 0.8.6e. Please see the official patches page for application 
 instructions and further information. 
  
 http://www.cacti.net/download_patches.php 
  
 See the release notes for additional information about this release. 
  
 http://www.cacti.net/release_notes_0_8_6f.php 
  
 All files related to this release can be found under the downloads 
 section on the Cacti website. 
  
 http://www.cacti.net/download_cacti.php 
  
 Ian
Comment 1 Marcus Meissner 2005-07-07 11:41:23 UTC 
Here are two more ids for the problems in cacti, in particular what 
Stefan Esser discovered. 
 
Regards, 
 
        Joey 
 
====================================================== 
Candidate: CAN-2005-2148 
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2148 
Final-Decision:  
Interim-Decision:  
Modified:  
Proposed:  
Assigned: 20050706 
Category: SF 
Reference: MISC:http://www.hardened-php.net/advisory-032005.php 
Reference: MISC:http://www.hardened-php.net/advisory-042005.php 
Reference: MLIST:[cacti-announce] 20050701 Cacti 0.8.6f Released 
Reference: 
URL:http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1 
Reference: 
CONFIRM:http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch 
 
Cacti 0.8.6e and earlier does not perform proper input validation to 
protect against common attacks, which allows remote attackers to 
execute arbitrary commands or SQL by sending a legitimate value in a 
POST request or cookie, then specifying the attack string in the URL, 
which causes the get_request_var function to return the wrong value in 
the $_REQUEST variable, which is cleansed while the original malicious 
$_GET value remains unmodified, as demonstrated in (1) graph_image.php 
and (2) graph.php. 
 
 
 
====================================================== 
Candidate: CAN-2005-2149 
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2149 
Final-Decision:  
Interim-Decision:  
Modified:  
Proposed:  
Assigned: 20050706 
Category: SF 
Reference: MISC:http://www.hardened-php.net/advisory-052005.php 
Reference: MLIST:[cacti-announce] 20050701 Cacti 0.8.6f Released 
Reference: 
URL:http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1 
Reference: 
CONFIRM:http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch 
 
config.php in Cacti 0.8.6e and earlier allows remote attackers to set 
to modify session information to gain privileges and disable the use 
of addslashes to protect against SQL injection by setting the 
no_http_headers switch.
Comment 2 Marcus Meissner 2005-07-07 11:43:00 UTC 
actually a dup. sorry  

*** This bug has been marked as a duplicate of 91166 ***
Comment 3 Thomas Biege 2009-10-13 21:31:16 UTC 
CVE-2005-2149: CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)