CVE-2005-2148

CVE	CVE-2005-2148
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2005-07-06 04:00:00 UTC
Updated	2017-07-11 01:32:00 UTC
Description	Cacti 0.8.6e and earlier does not perform proper input validation to protect against common attacks, which allows remote attackers to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the attack string in the URL, which causes the get_request_var function to return the wrong value in the $_REQUEST variable, which is cleansed while the original malicious $_GET value remains unmodified, as demonstrated in (1) graph_image.php and (2) graph.php.

Problem Types: NVD-CWE-Other

Type	Vendor	Product	Version	Update	Edition	Language
Application	The Cacti Group	Cacti	0.8	All	All	All
Application	The Cacti Group	Cacti	0.8.1	All	All	All
Application	The Cacti Group	Cacti	0.8.2	All	All	All
Application	The Cacti Group	Cacti	0.8.2a	All	All	All
Application	The Cacti Group	Cacti	0.8.3	All	All	All
Application	The Cacti Group	Cacti	0.8.3a	All	All	All
Application	The Cacti Group	Cacti	0.8.4	All	All	All
Application	The Cacti Group	Cacti	0.8.5	All	All	All
Application	The Cacti Group	Cacti	0.8.5a	All	All	All
Application	The Cacti Group	Cacti	0.8.6	All	All	All
Application	The Cacti Group	Cacti	0.8.6a	All	All	All
Application	The Cacti Group	Cacti	0.8.6b	All	All	All
Application	The Cacti Group	Cacti	0.8.6c	All	All	All
Application	The Cacti Group	Cacti	0.8.6d	All	All	All
Application	The Cacti Group	Cacti	0.8.6e	All	All	All
Application	The Cacti Group	Cacti	0.8	All	All	All
Application	The Cacti Group	Cacti	0.8.1	All	All	All
Application	The Cacti Group	Cacti	0.8.2	All	All	All
Application	The Cacti Group	Cacti	0.8.2a	All	All	All
Application	The Cacti Group	Cacti	0.8.3	All	All	All
Application	The Cacti Group	Cacti	0.8.3a	All	All	All
Application	The Cacti Group	Cacti	0.8.4	All	All	All
Application	The Cacti Group	Cacti	0.8.5	All	All	All
Application	The Cacti Group	Cacti	0.8.5a	All	All	All
Application	The Cacti Group	Cacti	0.8.6	All	All	All
Application	The Cacti Group	Cacti	0.8.6a	All	All	All
Application	The Cacti Group	Cacti	0.8.6b	All	All	All
Application	The Cacti Group	Cacti	0.8.6c	All	All	All
Application	The Cacti Group	Cacti	0.8.6d	All	All	All
Application	The Cacti Group	Cacti	0.8.6e	All	All	All

Reference	Source	Link	Tags
SecurityFocus	BUGTRAQ	www.securityfocus.com
RaXnet Cacti Graph_Image.PHP Remote Command Execution Variant Vulnerability	BID	www.securityfocus.com
Hardened PHP - Hardened-PHP	MISC	www.hardened-php.net	Patch
SecurityFocus	BUGTRAQ	www.securityfocus.com
Secunia - Advisories - Cacti Multiple Vulnerabilities	SECUNIA	secunia.com
Hardened PHP - Hardened-PHP	MISC	www.hardened-php.net	Patch, Vendor Advisory
www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch	CONFIRM	www.cacti.net	Patch
IBM X-Force Exchange	XF	exchange.xforce.ibmcloud.com
SecurityTracker.com Archives - Cacti Input Validation Holes Let Remote Users Inject SQL Commands, Bypass Authentication, and Execute Arbitrary Commands	SECTRACK	securitytracker.com
Page not found - SourceForge.net	MLIST	sourceforge.net	Patch
Webmail - OVH	VUPEN	www.vupen.com
RaXnet Cacti Input Filter Multiple SQL Injection Vulnerabilities	BID	www.securityfocus.com
Debian -- Security Information -- DSA-764-1 cacti	DEBIAN	www.debian.org
IBM X-Force Exchange	XF	exchange.xforce.ibmcloud.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.