Lucene search
K

Debian Security Advisory DSA 1954-1 (cacti)

🗓️ 30 Dec 2009 00:00:00Reported by Copyright (c) 2009 E-Soft Inc. http://www.securityspace.comType 
openvas
 openvas
🔗 plugins.openvas.org👁 25 Views

The remote host is missing an update to cacti announced via advisory DSA 1954-1. Several vulnerabilities have been found in cacti, a frontend to rrdtool for monitoring systems and services. It was discovered that cacti is prone to denial of service and cross-site scripting attacks and allows authenticated administrator users to gain access to the host system by executing arbitrary commands

Related
Code
ReporterTitlePublishedViews
Family
FreeBSD
cacti -- cross-site scripting issues
21 Nov 200900:00
freebsd
0day.today
Cacti 0.8.7e: Multiple Security Issues
26 Nov 200900:00
zdt
Circl
CVE-2009-4032
21 Nov 200900:00
circl
Circl
CVE-2009-4112
16 Nov 200900:00
circl
CVE
CVE-2007-3112
7 Jun 200721:00
cve
CVE
CVE-2007-3113
7 Jun 200721:00
cve
CVE
CVE-2009-4032
27 Nov 200919:00
cve
CVE
CVE-2009-4112
30 Nov 200921:00
cve
Cvelist
CVE-2007-3112
7 Jun 200721:00
cvelist
Cvelist
CVE-2007-3113
7 Jun 200721:00
cvelist
Rows per page
# OpenVAS Vulnerability Test
# $Id: deb_1954_1.nasl 6615 2017-07-07 12:09:52Z cfischer $
# Description: Auto-generated from advisory DSA 1954-1 (cacti)
#
# Authors:
# Thomas Reinke <[email protected]>
#
# Copyright:
# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisory, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# or at your option, GNU General Public License version 3,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#

include("revisions-lib.inc");
tag_insight = "Several vulnerabilities have been found in cacti, a frontend to rrdtool
for monitoring systems and services. The Common Vulnerabilities and
Exposures project identifies the following problems:

CVE-2007-3112, CVE-2007-3113

It was discovered that cacti is prone to a denial of service via the
graph_height, graph_width, graph_start and graph_end parameters.
This issue only affects the oldstable (etch) version of cacti.

CVE-2009-4032

It was discovered that cacti is prone to several cross-site scripting
attacks via different vectors.

CVE-2009-4112

It has been discovered that cacti allows authenticated administrator
users to gain access to the host system by executing arbitrary commands
via the Data Input Method for the Linux - Get Memory Usage setting.

There is no fix for this issue at this stage. Upstream will implement a
whitelist policy to only allow certain safe commands. For the moment,
we recommend that such access is only given to trusted users and that
the options Data Input and User Administration are otherwise
deactivated.


For the oldstable distribution (etch), these problems have been fixed in
version 0.8.6i-3.6.

For the stable distribution (lenny), this problem has been fixed in
version 0.8.7b-2.1+lenny1.

For the testing distribution (squeeze), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 0.8.7e-1.1.


We recommend that you upgrade your cacti packages.";
tag_summary = "The remote host is missing an update to cacti
announced via advisory DSA 1954-1.";

tag_solution = "https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201954-1";


if(description)
{
 script_id(66592);
 script_version("$Revision: 6615 $");
 script_tag(name:"last_modification", value:"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $");
 script_tag(name:"creation_date", value:"2009-12-30 21:58:43 +0100 (Wed, 30 Dec 2009)");
 script_cve_id("CVE-2007-3112", "CVE-2007-3113", "CVE-2009-4032", "CVE-2009-4112");
 script_tag(name:"cvss_base", value:"9.0");
 script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:S/C:C/I:C/A:C");
 script_name("Debian Security Advisory DSA 1954-1 (cacti)");



 script_category(ACT_GATHER_INFO);

 script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
 script_family("Debian Local Security Checks");
 script_dependencies("gather-package-list.nasl");
 script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages");
 script_tag(name : "solution" , value : tag_solution);
 script_tag(name : "insight" , value : tag_insight);
 script_tag(name : "summary" , value : tag_summary);
 script_tag(name:"qod_type", value:"package");
 script_tag(name:"solution_type", value:"VendorFix");
 exit(0);
}

#
# The script code starts here
#

include("pkg-lib-deb.inc");

res = "";
report = "";
if ((res = isdpkgvuln(pkg:"cacti", ver:"0.8.6i-3.6", rls:"DEB4.0")) != NULL) {
    report += res;
}
if ((res = isdpkgvuln(pkg:"cacti", ver:"0.8.7b-2.1+lenny1", rls:"DEB5.0")) != NULL) {
    report += res;
}

if (report != "") {
    security_message(data:report);
} else if (__pkg_match) {
    exit(99); # Not vulnerable.
}

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation