|
Description
|
|
Some vulnerabilities have been reported in Cacti, which can be exploited by malicious users to conduct script insertion and SQL injection attacks and compromise a vulnerable system.
1) Certain unspecified input is not properly sanitised in cdef.php before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed.
2) Certain unspecified input is not properly sanitised in lib/rrd.php before being used to execute commands. This can be exploited to inject and execute arbitrary shell commands.
3) Input passed via the "graph_start", "graph_end", "graph_height", "graph_width", "graph_nolegend", "print_source", "local_graph_id", and "rra_id" parameters to graph_xport.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
The vulnerabilities are reported in versions 0.8.7g and 0.8.8b. Prior versions may also be affected.
|
