|
Family: CGI abuses --> Category: attack
Cacti < 0.8.6e Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary Checks for multiple vulnerabilities in Cacti < 0.8.6e
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP application that suffers from
multiple vulnerabilities.
Description :
The remote host is running Cacti, a web-based frontend to RRDTool for
network graphing.
The version of Cacti on the remote host suffers from several
vulnerabilities that may allow a possible hacker to browse arbitrary files
on the affected system, execute arbitrary code from the affected or a
third-party system, and launch SQL injection attacks against the
affected site.
See also :
http://www.idefense.com/application/poi/display?id=265
http://www.idefense.com/application/poi/display?id=266
http://www.idefense.com/application/poi/display?id=267
http://www.securityfocus.com/archive/1/403174/30/0/threaded
Solution :
Upgrade to Cacti 0.8.6e or later.
Threat Level:
High / CVSS Base Score : 7
(AV:R/AC:L/Au:NR/C:P/A:P/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|