In association with heise online

29 December 2006, 20:40

Critical hole in Cacti

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Several vulnerabilities in the network statistics graphing tool Cacti allow attackers to infiltrate code: Input passed in the URL to the Cacti script cmd.php is not properly sanitised before it is used in SQL queries. In addition, the script does not properly restrict access to command line usage, allowing code to be infiltrated through this hole. To exploit these vulnerabilities, the PHP configuration variable register_argc_argv must be enabled on the affected system.

According to security service provider Secunia, these vulnerabilities not only affect the current Cacti version 0.8.6i, but possibly previous versions as well. As an emergency measure, Secunia suggests moving the script - cmd.php, to a file path that cannot be accessed by the browser.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit