HTTP: Cacti RRD Authentication Bypass
This signature detects attempts to exploit a known vulnerability against Cacti Round Robin Database (RRD) Tool. A successful exploitation can allow an attacker to gain privilege escalation through the Web application interface.
Extended Description
A design error affecting RaXnet Cacti can allow an attacker to prevent the 'session_start()' and 'addslashes()' functions from being called. The affected 'session_start()' and 'addslashes()' calls are nested inside an 'if' control statement that depends on an attacker-controlled value. Reports indicate that this value may be controlled through a URI parameter when 'register_globals' is set. A remote attacker may exploit these issues to gain administrative access to the affected software.
Affected Products
Conectiva linux
Short Name
HTTP:PHP:CACTI-RRD-AUTH-BYPASS
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Authentication Bypass CVE-2005-2149 Cacti RRD bid:14130
Release Date
07/27/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Raxnet
Conectiva
CVSS Score
10.0