oss-sec mailing list archives

Re: CVE Request -- Cacti v0.8.7 -- three security fixes


From: "Steven M. Christey" <coley () linus mitre org>
Date: Thu, 27 May 2010 15:41:35 -0400 (EDT)


On Wed, 26 May 2010, Josh Bressers wrote:

     [A], MOPS-2010-023: Cacti Graph Viewer SQL Injection Vulnerability
     http://php-security.org/2010/05/13/mops-2010-023-cacti-graph-viewer-sql-injection-vulnerability/index.html
     http://www.vupen.com/english/advisories/2010/1204

     Credit: The vulnerability was discovered by Stefan Esser as part of
     the SQL Injection Marathon.

     Upstream changeset:
     http://svn.cacti.net/viewvc?view=rev&revision=5920

Steve, you've been handling the MOPS stuff. I'm going to leave this one
alone unless you tell me otherwise (I don't want to dupe).

Use CVE-2010-2092, to be filled in later today (with a bunch of other MOPS issues).


     [C], SQL injection and shell escaping issues reported by Bonsai
     Information Security (http://www.bonsai-sec.com)

Josh assigned CVE-2010-1645 for the OS command issue.

The SQL injection that Jan is referring to in the original request is most likely CVE-2010-1431, which was disclosed by Bonsai back in April.

- Steve

