A vulnerability has been discovered in Cacti, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in graph_image.php, which can be exploited to use lots of system resources by passing malicious values to the "graph_start", "graph_end", "graph_width", and "graph_height" parameters. The vulnerability is confirmed in version 0.8.6j. Other versions may also be affected. Solution: Apply the vendor's official fix: http://svn.cacti.net/cgi-bin/viewcvs.....php?rev=3956&r1=3898&r2=3956 Provided and/or discovered by: Mathieu Dessus and the vendor Original Advisory: http://mdessus.free.fr/?p=15 Reproducible: Always
maintainers - please advice and patch as necessary
-r5 bumped with the patch
Arches please test and mark stable. Target keywords are: cacti-0.8.6j-r5.ebuild:KEYWORDS="alpha ~amd64 ~hppa ppc ppc64 sparc x86"
sparc stable.
Arch teams: It's better to stabilize cacti-0.8.6j-r6.ebuild as it contains new patch from upstream which fixes snmp walk functionality: http://www.cacti.net/download_patches.php. I do not think it's worth to give that patch any approbation period... Of course that's up to you, but then I'll find you in another bug very soon :)
(In reply to comment #5) > Arch teams: It's better to stabilize cacti-0.8.6j-r6.ebuild as it contains new > patch from upstream which fixes snmp walk functionality: GRRR...just when I finished testing -r5. x86 stable, adding back sparc, maybe they are interested, too
Thanks Christian, sparc stable too.
ppc64 stable
alpha stable
new target ebuild: cacti-0.8.6j-r6.ebuild:KEYWORDS="alpha ~amd64 ~hppa ppc ppc64 sparc x86"
ppc stable, readd ppc64@g.o
nah.. I did it wrong ^^ now -r6 stable on ppc64.
thanks arches for testing and mantainer for providing the ebuild This ebuild is ready for glsa decision
I tend to vote yes. btw, CVE ids are CVE-2007-3112 and CVE-2007-3113
fixed that - thanks for the hint.
I tend to vote NO.
No too, and i think it is not really a vulnerability, i can consume CPU too by pressing "F5". CLosing, feel free to reopen if you disagree.