oss-sec mailing list archives
Re: CVE request: SQL injection and shell escaping issues in Cacti < 0.8.8b
From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 07 Aug 2013 11:18:53 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/07/2013 10:06 AM, Vincent Danen wrote:
> Cacti 0.8.8b was released today [1] with a changelog that notes:
>
> Cacti 0.8.8b Change Log
> [...]
> * security: SQL injection and shell escaping issues
>
> It looks like the SQL injection issue is in api_poller.php and utility.php [2]
>
> I think there are two shell escaping issues:
>
> 1) snmp.php: Use escapeshellarg() instead of custom escape function for snmp library [3]
> 2) rrd.php: Properly escape all user input for consumption by rrdtool [4]
>
> [1] http://sourceforge.net/mailarchive/message.php?msg_id=31258868
> [2] http://svn.cacti.net/viewvc?view=rev&revision=7394
> [3] http://svn.cacti.net/viewvc?view=rev&revision=7392
> [4] http://svn.cacti.net/viewvc?view=rev&revision=7393
>
> Looks like 3 CVEs are needed.

JUST FYI vdanen/myself were emailed off list about some CVEs that may have already been assigned to this. Just waiting on that info before proceeding.

- --
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993
A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJSAoF9AAoJEBYNRVNeJnmTvU0P/RKdK6I0+K5lKJSuhfaoZByH
E+1JaQh+9DQFWAjIBJropw46eaJ9snB72dCtj+LDr4J1stBPIkZDGVnBNB3feIlH
rJMBBuqQAGU3DdpQz4I3txRt/wDHB540PglKdOFYDXTiKWvy8y0HodrQmkzIU+Xd
HLJA8GDHNB/YGXreKDTEQO/KntHKc0YvAY5JeX1EvNJNwDdcHs444lEbKMmoGmpx
iS8Khy5EEftwmPVJYzPDXGvdzX6UjdxTEOJHhysUM7m7aGhLtcBoaziC7k9wMcf2
ghCzSzEqcqGkN4cShz0u00naZ627df7i6SZAuM7xp7vvNr9SnunhMMemjt317q9K
Vr9Gu3Lb7SwnzRugK8/GMwvgXnzKHyISaoYJX+4EZ7c9J/3x7ZtMdGCfOAmx4x/9
O90YO5tK6szJzsFeBg/yCPAiJ0gt7o6m67jzGOxw6wNPEW4rc0L80o/vjbmhgyop
e6CQLlOiTFhlP1iUBXtioyOFIQlwjqIivzcvn23sNW0G7lWmHZ0f9hNq5O03Woq6
80sGJYRnJzptoFM2TOf7YwqzN17bzURO0FQsMTGlyyWt3MU03s4gIRnFmmdvvmjh
ce85EAcWiRwmbRPuVHJ0TXPRbBdA0PdcPzvqgCcgs11kEgIbIVdk4ODaWcMqzxSV
dhfcoUXmv9uZNEVOz/+4
=b6WC
-----END PGP SIGNATURE-----
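The two shell-escaping items in Vincent's list (snmp.php moving to escapeshellarg(), rrd.php escaping every user-supplied value before it reaches rrdtool), illustrated with an added PHP example that is not part of this thread and not Cacti's own code. It puts a hypothetical hand-rolled escaper of the kind escapeshellarg() replaces next to command builders that quote every user-controlled token with escapeshellarg() and additionally reject values the tool itself would read as an option. The functions weak_escape(), positional(), build_snmpget() and build_rrdtool_fetch() are mine, not Cacti's; the binary paths, host, OID, RRD path and the attacker-controlled community string are constructed for the example.

```php
<?php
// Added example, not Cacti's code and not from this thread. It contrasts a
// hypothetical hand-rolled shell escaper (the kind of thing escapeshellarg()
// replaces) with escapeshellarg(), and adds the option-position check that
// escapeshellarg() alone does not provide. All hosts, paths, OIDs and the
// attacker-controlled community string are constructed for the example.

// Hypothetical weak escaper: backslash a couple of characters and wrap the
// value in double quotes. A POSIX shell still expands $(...) and backticks
// inside double quotes, so command substitution survives intact.
function weak_escape(string $s): string
{
    return '"' . str_replace(['\\', '"'], ['\\\\', '\\"'], $s) . '"';
}

// For tokens that land in a positional argv slot: require the expected shape
// and refuse anything the tool itself could parse as an option. This is the
// check escapeshellarg() does not make; it only keeps the shell honest.
function positional(string $value, string $pattern, string $what): string
{
    if ($value === '' || $value[0] === '-' || !preg_match($pattern, $value)) {
        throw new InvalidArgumentException("rejected $what: " . var_export($value, true));
    }
    return $value;
}

// Hardened snmpget builder: fixed tokens are literals, every user-controlled
// token goes through escapeshellarg(), which single-quotes the value and
// escapes embedded single quotes so the shell never interprets its contents.
function build_snmpget(string $host, string $community, string $oid): string
{
    $host = positional($host, '/^[A-Za-z0-9.:\-]+$/', 'host');
    $oid  = positional($oid, '/^\.?[0-9]+(\.[0-9]+)*$/', 'oid');
    // Community strings may be arbitrary bytes, so they are escaped, not validated.
    return '/usr/bin/snmpget -v2c -c ' . escapeshellarg($community)
         . ' ' . escapeshellarg($host) . ' ' . escapeshellarg($oid);
}

// Hardened rrdtool builder. The time values may legitimately start with '-'
// (e.g. -1h), so they are attached as --start=VALUE rather than passed as a
// separate argv token, and validated against rrdtool's simple relative/absolute
// time shapes instead of the positional() rule.
function build_rrdtool_fetch(string $rrd_path, string $start, string $end): string
{
    $rrd_path = positional($rrd_path, '#^/var/lib/cacti/rra/[A-Za-z0-9_\-]+\.rrd$#', 'rrd path');
    foreach (['start' => $start, 'end' => $end] as $what => $t) {
        if (!preg_match('/^(now|-?[0-9]+[smhdwMy]?)$/', $t)) {
            throw new InvalidArgumentException("rejected $what: " . var_export($t, true));
        }
    }
    return '/usr/bin/rrdtool fetch ' . escapeshellarg($rrd_path) . ' AVERAGE'
         . ' --start=' . escapeshellarg($start)
         . ' --end=' . escapeshellarg($end);
}

// Constructed attacker value: a "community string" that carries command
// substitution, as it could arrive from a device edit form.
$community = 'public$(id>/tmp/pwned)';

echo "weak:     /usr/bin/snmpget -v2c -c " . weak_escape($community) . "\n";
echo "hardened: " . build_snmpget('192.0.2.10', $community, '.1.3.6.1.2.1.1.1.0') . "\n";
echo "hardened: " . build_rrdtool_fetch('/var/lib/cacti/rra/host_1.rrd', '-1h', 'now') . "\n";

// A path that rrdtool would read as a flag is refused before any command
// line is assembled.
try {
    build_rrdtool_fetch('--daemon', '-1h', 'now');
} catch (InvalidArgumentException $e) {
    echo "rejected: " . $e->getMessage() . "\n";
}
```

Run it with the php CLI: the "weak" line still carries an unquoted `$(...)` that a POSIX shell would expand when the string is handed to exec()/popen(), while the hardened lines carry the same bytes inside single quotes, where the shell treats them literally. Two caveats worth keeping in mind when reviewing fixes of this shape: escapeshellarg() addresses the shell only, so the positional() check is what stops a path such as `--daemon` from being parsed by rrdtool as an option, and the `--start=...` spelling keeps a legitimate negative offset like `-1h` in the same argv token as its option name instead of in a slot where it could be mistaken for a flag.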
Current thread:
- CVE request: SQL injection and shell escaping issues in Cacti < 0.8.8b Vincent Danen (Aug 07)
- Re: CVE request: SQL injection and shell escaping issues in Cacti < 0.8.8b Kurt Seifried (Aug 07)
- Re: CVE request: SQL injection and shell escaping issues in Cacti < 0.8.8b Salvatore Bonaccorso (Aug 07)
- Re: CVE request: SQL injection and shell escaping issues in Cacti < 0.8.8b Giuseppe Iuculano (Aug 13)
- Re: CVE request: SQL injection and shell escaping issues in Cacti < 0.8.8b Kurt Seifried (Aug 07)