CVE-2005-2149 - OpenCVE

config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
The Cacti Group	Cacti

Configuration 1 [-]

OR	cpe:2.3:a:the_cacti_group:cacti:0.8:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.1:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.2:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.2a:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.3:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.3a:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.4:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.5:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.5a:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.6:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.6a:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.6b:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.6c:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.6d:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.6e:::::::*

References

Link	Resource
http://securitytracker.com/id?1014361
http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1	Patch
http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch	Patch
http://www.debian.org/security/2005/dsa-764
http://www.hardened-php.net/advisory-052005.php	Patch Vendor Advisory
http://www.securityfocus.com/archive/1/404040
http://www.securityfocus.com/bid/14130
http://www.vupen.com/english/advisories/2005/0951

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: debian

Published: 2005-07-06T04:00:00

Updated: 2006-09-07T09:00:00

Reserved: 2005-07-06T00:00:00

Link: CVE-2005-2149

JSON object: View

NVD Information

Status : Modified

Published: 2005-07-06T04:00:00.000

Modified: 2011-03-08T02:23:29.720

Link: CVE-2005-2149

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-07-01T00:00:00", "descriptions": [{"lang": "en", "value": "config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2006-09-07T09:00:00", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch"}, {"tags": ["x_refsource_MISC"], "url": "http://www.hardened-php.net/advisory-052005.php"}, {"name": "14130", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/14130"}, {"name": "[cacti-announce] 20050701 Cacti 0.8.6f Released", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1"}, {"name": "ADV-2005-0951", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2005/0951"}, {"name": "DSA-764", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2005/dsa-764"}, {"name": "1014361", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1014361"}, {"name": "20050702 Advisory 05/2005: Cacti Authentification/Addslashes Bypass Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/404040"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@debian.org", "ID": "CVE-2005-2149", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch", "refsource": "CONFIRM", "url": "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch"}, {"name": "http://www.hardened-php.net/advisory-052005.php", "refsource": "MISC", "url": "http://www.hardened-php.net/advisory-052005.php"}, {"name": "14130", "refsource": "BID", "url": "http://www.securityfocus.com/bid/14130"}, {"name": "[cacti-announce] 20050701 Cacti 0.8.6f Released", "refsource": "MLIST", "url": "http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1"}, {"name": "ADV-2005-0951", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/0951"}, {"name": "DSA-764", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-764"}, {"name": "1014361", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1014361"}, {"name": "20050702 Advisory 05/2005: Cacti Authentification/Addslashes Bypass Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/404040"}]}}}}, "cveMetadata": {"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2005-2149", "datePublished": "2005-07-06T04:00:00", "dateReserved": "2005-07-06T00:00:00", "dateUpdated": "2006-09-07T09:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B3BBF3F3-18C0-49C5-99B0-80FCD133532B", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D1896A7C-6938-494D-90A5-E10BC91EB37D", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "19CD9A10-32F6-45A4-8793-87E0C2E78675", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.2a:*:*:*:*:*:*:*", "matchCriteriaId": "C6EF1390-E1B5-45B0-8732-A7004351E1BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "5D3D7996-E56A-4B72-864E-EC6037028351", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.3a:*:*:*:*:*:*:*", "matchCriteriaId": "000AE712-7298-4CA1-930B-4DF372671EDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "CFD258DF-CB70-484C-9A6F-F9ABDB012C8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "DFF12ADC-83AA-45FE-9678-F49D05234D39", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "43FD0F4A-4811-4B4A-AF03-8FBC63A99CE9", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "166938A7-2DE3-456D-BE47-6041895E2204", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.6a:*:*:*:*:*:*:*", "matchCriteriaId": "C7C5ABA2-9BCB-420A-A9E3-8B590F3DD4C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.6b:*:*:*:*:*:*:*", "matchCriteriaId": "EB59E467-8AA1-4D95-B81A-2EFF6F19C34A", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": "81F29217-19A4-453D-8290-D35049E45160", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.6d:*:*:*:*:*:*:*", "matchCriteriaId": "B424B2E4-5F57-411D-8A69-91E8975A7D33", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.6e:*:*:*:*:*:*:*", "matchCriteriaId": "1CAB1F6F-06D2-40C7-9D9C-0ABAADDEAC72", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks."}], "id": "CVE-2005-2149", "lastModified": "2011-03-08T02:23:29.720", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-07-06T04:00:00.000", "references": [{"source": "security@debian.org", "url": "http://securitytracker.com/id?1014361"}, {"source": "security@debian.org", "tags": ["Patch"], "url": "http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1"}, {"source": "security@debian.org", "tags": ["Patch"], "url": "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch"}, {"source": "security@debian.org", "url": "http://www.debian.org/security/2005/dsa-764"}, {"source": "security@debian.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.hardened-php.net/advisory-052005.php"}, {"source": "security@debian.org", "url": "http://www.securityfocus.com/archive/1/404040"}, {"source": "security@debian.org", "url": "http://www.securityfocus.com/bid/14130"}, {"source": "security@debian.org", "url": "http://www.vupen.com/english/advisories/2005/0951"}], "sourceIdentifier": "security@debian.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}