This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
HTTP:PHP:CACTI-RDD-LOCAL-SCRIPT
|
Severity |
Minor
|
Recommended |
No
|
Category |
HTTP
|
Keywords |
Cacti RDD Local Scripts
|
Release Date |
2007/03/07
|
Update Number |
1213
|
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
HTTP: Cacti RDD Local Scripts
This signature detects attempts to exploit a known vulnerability against Cacti RDD. A successful attack can lead to arbitrary code execution.
Extended Description
Cacti is prone to a remote command-execution vulnerability because the application fails to properly sanitize user-supplied input to the 'cmd.php' script.
Exploiting this issue allows attackers to execute arbitrary commands in the context of the server.
A successful exploit could facilitate the compromise of an affected computer; other attacks are also possible.
Cacti 0.8.6i and prior versions are reportedly affected.
Affected Products
- Cacti cacti 0.8.6 F
- Cacti cacti 0.8.6 H
- Cacti cacti 0.8.6I
- Debian linux 3.1.0
- Debian linux 3.1.0 Alpha
- Debian linux 3.1.0 Amd64
- Debian linux 3.1.0 Arm
- Debian linux 3.1.0 Hppa
- Debian linux 3.1.0 Ia-32
- Debian linux 3.1.0 Ia-64
- Debian linux 3.1.0 M68k
- Debian linux 3.1.0 Mips
- Debian linux 3.1.0 Mipsel
- Debian linux 3.1.0 Ppc
- Debian linux 3.1.0 S/390
- Debian linux 3.1.0 Sparc
- Gentoo linux
- Mandriva corporate_server 4.0
- Mandriva corporate_server 4.0.0 X86 64
- Openpkg openpkg 2-Stable-20061018
- Openpkg openpkg Current
- Openpkg openpkg E1.0-Solid
- Openpkg openpkg Stable
- Suse linux_personal 10.0.0 OSS
- Suse linux_personal 10.1
- Suse linux_personal 9.3.0
- Suse linux_personal 9.3.0 X86 64
- Suse linux_professional 10.0.0
- Suse linux_professional 10.0.0 OSS
- Suse linux_professional 9.3.0
- Suse linux_professional 9.3.0 X86 64
- Suse opensuse 10.2
References