CVE-2010-1645 Information

Feb 14, 2021 cve

Description

Cacti before 0.8.7f as used in Red Hat High Performance Computing (HPC) Solution and other products allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in (1) the FQDN field of a Device or (2) the Vertical Label field of a Graph Template.

Reference

http://secunia.com/advisories/41041 http://svn.cacti.net/viewvc?view=rev&revision=5778 http://svn.cacti.net/viewvc?view=rev&revision=5782 http://svn.cacti.net/viewvc?view=rev&revision=5784 http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.php http://www.cacti.net/release_notes_0_8_7f.php http://www.mandriva.com/security/advisories?name=MDVSA-2010:160 http://www.vupen.com/english/advisories/2010/2132 https://bugzilla.redhat.com/show_bug.cgi?id=609115 https://rhn.redhat.com/errata/RHSA-2010-0635.html

Share on: