CVE-2010-1645
N/A
N/A
Summary
Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in (1) the FQDN field of a Device or (2) the Vertical Label field of a Graph Template.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://svn.cacti.net/viewvc?view=rev&revision=5778
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:160
- http://secunia.com/advisories/41041
- http://www.cacti.net/release_notes_0_8_7f.php
- https://rhn.redhat.com/errata/RHSA-2010-0635.html
- http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.php
- http://www.vupen.com/english/advisories/2010/2132
- http://svn.cacti.net/viewvc?view=rev&revision=5782
- https://bugzilla.redhat.com/show_bug.cgi?id=609115
- http://svn.cacti.net/viewvc?view=rev&revision=5784
References
- http://svn.cacti.net/viewvc?view=rev&revision=5778
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:160
- http://secunia.com/advisories/41041
- http://www.cacti.net/release_notes_0_8_7f.php
- https://rhn.redhat.com/errata/RHSA-2010-0635.html
- http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.php
- http://www.vupen.com/english/advisories/2010/2132
- http://svn.cacti.net/viewvc?view=rev&revision=5782
- https://bugzilla.redhat.com/show_bug.cgi?id=609115
- http://svn.cacti.net/viewvc?view=rev&revision=5784
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.