Debian Security Advisory
DSA-2060-1 cacti -- insufficient input sanitization
- Date Reported:
- 13 Jun 2010
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 582691.
In Mitre's CVE dictionary: CVE-2010-2092.
- More information:
Stefan Esser discovered that cacti, a front-end to rrdtool for monitoring systems and services, is not properly validating input passed to the rra_id parameter of the graph.php script. Due to checking the input of $_REQUEST but using $_GET input in a query an unauthenticated attacker is able to perform SQL injections via a crafted rra_id $_GET value and an additional valid rra_id $_POST or $_COOKIE value.
For the stable distribution (lenny), this problem has been fixed in version 0.8.7b-2.1+lenny3.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in version 0.8.7e-4.
We recommend that you upgrade your cacti packages.
- Fixed in:
Debian GNU/Linux 5.0 (lenny)
- Architecture-independent component:
MD5 checksums of the listed files are available in the original advisory.