Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2005-2148
PUBLISHED
More InfoOfficial Page
Assigner-debian
Assigner Org ID-79363d38-fa19-49d1-9214-5f28da3f3ac5
View Known Exploited Vulnerability (KEV) details
Published At-06 Jul, 2005 | 04:00
Updated At-07 Aug, 2024 | 22:15
Rejected At-
▼CVE Numbering Authority (CNA)

Cacti 0.8.6e and earlier does not perform proper input validation to protect against common attacks, which allows remote attackers to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the attack string in the URL, which causes the get_request_var function to return the wrong value in the $_REQUEST variable, which is cleansed while the original malicious $_GET value remains unmodified, as demonstrated in (1) graph_image.php and (2) graph.php.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/21270
vdb-entry
x_refsource_XF
http://www.hardened-php.net/advisory-032005.php
x_refsource_MISC
http://www.securityfocus.com/archive/1/404047/30/30/threaded
mailing-list
x_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/404054
mailing-list
x_refsource_BUGTRAQ
http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1
mailing-list
x_refsource_MLIST
https://exchange.xforce.ibmcloud.com/vulnerabilities/21266
vdb-entry
x_refsource_XF
http://www.vupen.com/english/advisories/2005/0951
vdb-entry
x_refsource_VUPEN
http://www.debian.org/security/2005/dsa-764
vendor-advisory
x_refsource_DEBIAN
http://www.securityfocus.com/bid/14128
vdb-entry
x_refsource_BID
http://secunia.com/advisories/15490
third-party-advisory
x_refsource_SECUNIA
http://securitytracker.com/id?1014361
vdb-entry
x_refsource_SECTRACK
http://www.securityfocus.com/bid/14129
vdb-entry
x_refsource_BID
http://www.hardened-php.net/advisory-042005.php
x_refsource_MISC
Hyperlink: http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch
Resource:
x_refsource_CONFIRM
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/21270
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.hardened-php.net/advisory-032005.php
Resource:
x_refsource_MISC
Hyperlink: http://www.securityfocus.com/archive/1/404047/30/30/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.securityfocus.com/archive/1/404054
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/21266
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.vupen.com/english/advisories/2005/0951
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.debian.org/security/2005/dsa-764
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.securityfocus.com/bid/14128
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/15490
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://securitytracker.com/id?1014361
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.securityfocus.com/bid/14129
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.hardened-php.net/advisory-042005.php
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch
x_refsource_CONFIRM
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/21270
vdb-entry
x_refsource_XF
x_transferred
http://www.hardened-php.net/advisory-032005.php
x_refsource_MISC
x_transferred
http://www.securityfocus.com/archive/1/404047/30/30/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.securityfocus.com/archive/1/404054
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1
mailing-list
x_refsource_MLIST
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/21266
vdb-entry
x_refsource_XF
x_transferred
http://www.vupen.com/english/advisories/2005/0951
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.debian.org/security/2005/dsa-764
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.securityfocus.com/bid/14128
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/15490
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://securitytracker.com/id?1014361
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.securityfocus.com/bid/14129
vdb-entry
x_refsource_BID
x_transferred
http://www.hardened-php.net/advisory-042005.php
x_refsource_MISC
x_transferred
Hyperlink: http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/21270
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.hardened-php.net/advisory-032005.php
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/404047/30/30/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/404054
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/21266
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2005/0951
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.debian.org/security/2005/dsa-764
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.securityfocus.com/bid/14128
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/15490
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://securitytracker.com/id?1014361
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.securityfocus.com/bid/14129
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.hardened-php.net/advisory-042005.php
Resource:
x_refsource_MISC
x_transferred
Details not found