CVE Reference: CVE-2010-1645

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2010-1645

Description:
Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in (1) the FQDN field of a Device or (2) the Vertical Label field of a Graph Template.

CVE Status:
Candidate

References:

SAID
  Secunia Advisory: SA41041

REDHAT

MISC
  http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.php

MANDRIVA
  http://www.mandriva.com/security/advisories?name=MDVSA-2010:160

CONFIRM
  http://www.cacti.net/release_notes_0_8_7f.php
  http://svn.cacti.net/viewvc?view=rev&revision=5784
  http://svn.cacti.net/viewvc?view=rev&revision=5782
  http://svn.cacti.net/viewvc?view=rev&revision=5778


Return to the previous page.