• Login| Registreer
Likes Likes:  0
Resultaten 1 tot 2 van de 2
Geen
  1. #1
    Mikey
    Mikey is offline. 18/08/04 23:40
    Mikey's Avatar
    security: cacti sql injection 0.8.5 and prior
    moderator
    7.022 Berichten
    Ingeschreven
    29/07/03

    Locatie
    Nijmegen

    Post Thanks / Like
    Mentioned
    12 Post(s)
    Tagged
    0 Thread(s)
    175 Berichten zijn liked


    Naam: Mike
    Bedrijf: admin.nu
    URL: www.admin.nu
    Registrar SIDN: Ja
    KvK nummer: 09139651

    Thread Starter

    security: cacti sql injection 0.8.5 and prior

    Ter info, lang niet iedereen volgt de security mailings even goed, en er toch genoeg cacti users zijn dacht ik, laat ik het maar posten.
    TITLE:
    Cacti SQL Injection and Path Disclosure Vulnerability

    SECUNIA ADVISORY ID:
    SA12308

    VERIFY ADVISORY:
    http://secunia.com/advisories/12308/

    CRITICAL:
    Moderately critical

    IMPACT:
    Manipulation of data, Exposure of system information

    WHERE:
    From remote

    SOFTWARE:
    cacti 0.x
    http://secunia.com/product/3793/

    DESCRIPTION:
    Fernando Quintero has reported two vulnerabilities in Cacti, which
    can be exploited by malicious people to see the installation path and
    conduct SQL injection attacks.

    1) Path information can be disclosed in error pages by passing
    invalid input or accessing scripts directly.

    Examples:
    http://[victim]/cacti/include/auth.php
    http://[victim]/cacti/auth_login.php?action=login
    http://[victim]/cacti/auth_changepassword.php?ref=indexphp&action=change password&password=aaaaaa&confirm=aaaaaa&submit=Sav e

    2) Input passed to the "username" and "password" parameters in
    "auth_login.php" isn't properly verified before being used in SQL
    queries. This can be exploited to manipulate SQL queries by injecting
    arbitrary SQL code in order to change the administrator's password and
    login without supplying a password.

    Successful exploitation requires that "magic_quotes_gpc" is
    disabled.

    The vulnerabilities have been reported in version 0.8.5 and prior.

    SOLUTION:
    Set "magic_quotes_gpc" to "on".

    The fix that the vendor has added in the CVS repository for
    "auth_login.php" is not sufficient. Malicious people can still inject
    arbitrary SQL code and thereby bypass the user authentication.

    PROVIDED AND/OR DISCOVERED BY:
    Fernando Quintero

    ----------------------------------------------------------------------

    About:
    This Advisory was delivered by Secunia as a free service to help
    everybody keeping their systems up to date against the latest
    vulnerabilities.

    Subscribe:
    http://secunia.com/secunia_security_advisories/

    Definitions: (Criticality, Where etc.)
    http://secunia.com/about_secunia_advisories/


    Please Note:
    Secunia recommends that you verify all advisories you receive by
    clicking the link.
    Secunia NEVER sends attached files with advisories.
    Secunia does not advise people to install third party patches, only
    use those supplied by the vendor.

    ----------------------------------------------------------------------
    Quote Quote
    "Zo zijn ook wij één leverancier. Dé leverancier in gedegen Linux kennis, wanneer jij dat nodig hebt."
    Boek je admin vandaag nog via : www.admin.nu
    Gevestigd in Nederland en Moldavië

    Lees hier de webhostingtalk.nl forum regels en voorwaarden!


  3. #2
    mdf
    mdf is offline. 19/08/04 11:26
    security: cacti sql injection 0.8.5 and prior
    I route,therefore you are
    1.370 Berichten
    Ingeschreven
    14/10/03

    Locatie
    Nederland

    Post Thanks / Like
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    0 Berichten zijn liked


    Registrar SIDN: nee
    KvK nummer: nvt
    Ondernemingsnummer: nvt

    Thanks, we gaan er naar kijken...
    Quote Quote
« Vorig Onderwerp | Volgend Onderwerp »

Webhostingtalk.nl

Link met ons

Partners

Contact

  • Rokin 113-115
  • 1012 KP, Amsterdam
  • Nederland
  • Contact
© Copyright 2001-2021 Webhostingtalk.nl.
Web Statistics