Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-4112HistoryNov 30, 2009 - 9:30 p.m.
CVE-2009-4112
2009-11-3021:30:00
Debian Security Bug Tracker
security-tracker.debian.org
7
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.058 Low
EPSS
Percentile
93.3%
Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the “Data Input Method” for the “Linux - Get Memory Usage” setting to contain arbitrary commands.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cacti | < 1.2.1+ds1-1 | cacti_1.2.1+ds1-1_all.deb |
| Debian | 11 | all | cacti | < 1.2.1+ds1-1 | cacti_1.2.1+ds1-1_all.deb |
| Debian | 10 | all | cacti | < 1.2.1+ds1-1 | cacti_1.2.1+ds1-1_all.deb |
| Debian | 999 | all | cacti | < 1.2.1+ds1-1 | cacti_1.2.1+ds1-1_all.deb |
| Debian | 13 | all | cacti | < 1.2.1+ds1-1 | cacti_1.2.1+ds1-1_all.deb |
Related
prion
prion
Input validation
2009-11-30 21:30:00
openvas
openvas
Cacti 'Linux - Get Memory Usage' Remote Command Execution Vulnerability
2009-12-01 00:00:00
Cacti 'Linux - Get Memory Usage' Remote Command Execution Vulnerability
2009-12-01 00:00:00
Debian Security Advisory DSA 1954-1 (cacti)
2009-12-30 00:00:00
ubuntucve
ubuntucve
CVE-2009-4112
2009-11-30 00:00:00
cve
cve
CVE-2009-4112
2009-11-30 21:30:00
nessus
nessus
openSUSE Security Update : cacti (cacti-1627)
2009-12-07 00:00:00
Debian DSA-1954-1 : cacti - insufficient input sanitising
2010-02-24 00:00:00
openSUSE Security Update : cacti / cacti-spine (openSUSE-2020-272)
2020-03-02 00:00:00
securityvulns
securityvulns
seebug
seebug
New cacti packages fix insufficient input sanitising
2009-12-17 00:00:00
osv
osv
cacti - insufficient input sanitising
2009-12-16 00:00:00
debian
debian
[SECURITY] [DSA 1954-1] New cacti packages fix insufficient input sanitising
2009-12-16 11:47:37
suse
suse
Security update for cacti, cacti-spine (important)
2020-03-01 00:00:00
Security update for cacti, cacti-spine (important)
2020-03-02 00:00:00
Security update for cacti, cacti-spine (important)
2020-04-28 00:00:00
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.058 Low
EPSS
Percentile
93.3%
Related for DEBIANCVE:CVE-2009-4112