← voltar
CVE-2010-1645

CVE-2010-1645

EPSS 2.8%
Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in (1) the FQDN field of a Device or (2) the Vertical Label field of a Graph Template.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://bugzilla.redhat.com/show_bug.cgi?id=609115http://secunia.com/advisories/41041https://rhn.redhat.com/errata/RHSA-2010-0635.htmlhttp://svn.cacti.net/viewvc?view=rev&revision=5778http://svn.cacti.net/viewvc?view=rev&revision=5782http://svn.cacti.net/viewvc?view=rev&revision=5784http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.phphttp://www.cacti.net/release_notes_0_8_7f.phphttp://www.mandriva.com/security/advisories?name=MDVSA-2010:160http://www.vupen.com/english/advisories/2010/2132