Debian Security Advisory
DSA-2060-1 cacti -- insufficient input sanitization
- Date Reported:
- 13 Jun 2010
- Affected Packages:
- cacti
- Vulnerable:
- Yes
- Security database references:
- In the Debian bugtracking system: Bug 582691.
In Mitre's CVE dictionary: CVE-2010-2092. - More information:
-
Stefan Esser discovered that cacti, a front-end to rrdtool for monitoring systems and services, is not properly validating input passed to the rra_id parameter of the graph.php script. Due to checking the input of $_REQUEST but using $_GET input in a query an unauthenticated attacker is able to perform SQL injections via a crafted rra_id $_GET value and an additional valid rra_id $_POST or $_COOKIE value.
For the stable distribution (lenny), this problem has been fixed in version 0.8.7b-2.1+lenny3.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in version 0.8.7e-4.
We recommend that you upgrade your cacti packages.
- Fixed in:
-
Debian GNU/Linux 5.0 (lenny)
- Source:
- http://security.debian.org/pool/updates/main/c/cacti/cacti_0.8.7b-2.1+lenny3.dsc
- http://security.debian.org/pool/updates/main/c/cacti/cacti_0.8.7b-2.1+lenny3.diff.gz
- http://security.debian.org/pool/updates/main/c/cacti/cacti_0.8.7b.orig.tar.gz
- http://security.debian.org/pool/updates/main/c/cacti/cacti_0.8.7b-2.1+lenny3.diff.gz
- Architecture-independent component:
- http://security.debian.org/pool/updates/main/c/cacti/cacti_0.8.7b-2.1+lenny3_all.deb
MD5 checksums of the listed files are available in the original advisory.