Summary: | net-analyzer/cacti SQL injection that allows bypass auth. | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | netmon |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
URL: | http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0717.html | ||
Whiteboard: | B3 [glsa] jaervosz | ||
Package list: | Runtime testing required: | --- |
Description
Sune Kloppenborg Jeppesen (RETIRED)
2004-08-16 21:21:22 UTC
Netmon will you please verify that we are vulnerable and patch if needed. http://cvs.raxnet.net/cgi-bin/viewcvs.cgi/cacti/auth_login.php yep. I'll prepare a patch for it. 0.8.5a-r1 in portage, stable on x86. Security please draft GLSA It should be noted that you _MUST_ back up a copy of your include/config.php before merging cacti or you will lose your database settings and cacti will have to be reconfigured. cp /var/www/localhost/htdocs/cacti/include/config.php ~ emerge '>=net-analyzer/cacti-0.8.5a-r1' cp ~/config.php /var/www/localhost/htdocs/cacti/include/config.php Hmm. I moved config.php to config-sample.php. that should handle that. magic_quotes_gpc is on by default so this is not that big an issue. Security please vote about GLSA publication. Revision 1.49 / (view) - annotate - [select for diffs] , Wed Jul 21 05:30:27 2004 UTC (4 weeks, 1 day ago) by iberry Branch: MAIN CVS Tags: HEAD Changes since 1.48: +7 -10 lines Diff to previous 1.48 remove security hazard ------------------------------ I vote yes. GLSA drafted. Security please review. This patch does not seem to solve the full path disclosure problem. Path issue was not fixed but most web-apps suffer the same issue. GLSA 200408-21 |