FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

cacti -- SQL injection and command execution vulnerabilities

Affected packages
cacti <= 0.8.7e4

Details

VuXML ID 5198ef84-4fdc-11df-83fb-0015587e2cc1
Discovery 2010-04-21
Entry 2010-04-24
Modified 2013-06-16

Bonsai information security reports:

A vulnerability has been discovered in Cacti, which can be exploited by any user to conduct SQL injection attacks. Input passed via the "export_item_id" parameter to the "templates_export.php" script is not properly sanitized before being used in a SQL query.

The same source also reported a command execution vulnerability. This second issue can be exploited by Cacti users who have the rights to modify device or graph configurations.
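The SQL injection class described above, modelled here as an added example in Python with an in-memory SQLite database: an untrusted "export_item_id" request value interpolated straight into a SELECT, beside a version that rejects anything but a plain integer and binds the value as a query parameter. This is constructed illustration only, not Cacti's PHP code, its schema, or the patch that fixed the issue; the table names, sample rows, payload and function names are assumptions made for the example.

```python
import re
import sqlite3

# Constructed sample data standing in for a template table and a credential
# table; these names and rows are assumptions, not Cacti's real schema.
SAMPLE_TEMPLATES = [(1, "Unix - Load Average"), (2, "Interface - Traffic")]
SAMPLE_USERS = [(1, "admin", "s3cret-hash")]


def make_db():
    """Build a throwaway SQLite database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE templates (id INTEGER PRIMARY KEY, name TEXT)")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT)"
    )
    conn.executemany("INSERT INTO templates VALUES (?, ?)", SAMPLE_TEMPLATES)
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", SAMPLE_USERS)
    return conn


def export_template_vulnerable(conn, export_item_id):
    """Hypothetical vulnerable handler: the request parameter becomes part of
    the SQL text, so the caller controls the query structure."""
    sql = "SELECT id, name FROM templates WHERE id = %s" % export_item_id
    return conn.execute(sql).fetchall()


class InvalidInput(ValueError):
    """Raised when a request parameter fails the allow-list check."""


def export_template_fixed(conn, export_item_id):
    """Hardened handler: allow-list the value as a decimal integer, then pass it
    as a bound parameter so it can never alter the statement itself."""
    if not re.fullmatch(r"[0-9]+", str(export_item_id)):
        raise InvalidInput("export_item_id must be a non-negative integer")
    sql = "SELECT id, name FROM templates WHERE id = ?"
    return conn.execute(sql, (int(export_item_id),)).fetchall()


# Constructed attacker value: a UNION that appends credential rows to the
# template export. It is a single statement, so it survives drivers that
# refuse stacked queries.
PAYLOAD = "1 UNION SELECT id, username || ':' || password_hash FROM users"


if __name__ == "__main__":
    db = make_db()
    print("vulnerable, benign id:", export_template_vulnerable(db, "1"))
    print("vulnerable, payload:  ", export_template_vulnerable(db, PAYLOAD))
    print("fixed, benign id:     ", export_template_fixed(db, "1"))
    try:
        export_template_fixed(db, PAYLOAD)
    except InvalidInput as exc:
        print("fixed, payload rejected:", exc)
```

The integer allow-list alone would already block this payload; the bound parameter is kept as well so that a future change of the column to a string type does not silently reopen the hole.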

References

CVE Name CVE-2010-1431
FreeBSD PR ports/146021
URL http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.php
URL http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-sql-injection-0104.php
URL http://www.debian.org/security/2010/dsa-2039