CVE-2008-0786 Information

Description

CRLF injection vulnerability in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k, when running on older PHP interpreters, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Reference

http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
http://secunia.com/advisories/28872
http://secunia.com/advisories/28976
http://secunia.com/advisories/29242
http://secunia.com/advisories/29274
http://security.gentoo.org/glsa/glsa-200803-18.xml
http://securityreason.com/securityalert/3657
http://www.cacti.net/release_notes_0_8_7b.php
http://www.mandriva.com/security/advisories?name=MDVSA-2008:052
http://www.securityfocus.com/archive/1/488013/100/0/threaded
http://www.securityfocus.com/archive/1/488018/100/0/threaded
http://www.securityfocus.com/bid/27749
http://www.securitytracker.com/id?1019414
http://www.vupen.com/english/advisories/2008/0540
https://bugzilla.redhat.com/show_bug.cgi?id=432758
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html
