HTTP: Cacti RRD Remote File Inclusion

This signature detects an attempt to force the Cacti RRD PHP application to include a remote file for configuration. This vulnerability could lead to compromise of the remote server and privilege escalation.

Extended Description

RaXnet Cacti is prone to a remote command execution vulnerability that manifests in the 'graph_image.php' script. The issue is due to a bug in the input filters that leads to a failure in the application to properly sanitize user-supplied input. This issue can facilitate various attacks including unauthorized access to an affected computer.

Affected Products

Raxnet cacti

References

BugTraq: 14129

CVE: CVE-2005-1524

URL: http://www.cacti.net/release_notes_0_8_6e.php http://www.idefense.com/application/poi/display?id=265&type=vulnerabilities http://www.gentoo.org/security/en/glsa/glsa-200506-20.xml

Short Name

HTTP:PHP:CACTI-RRD-FILE-INC

Severity

Major

Recommended

False

Recommended Action

Drop

HTTP: Cacti RRD Remote File Inclusion

Extended Description

Affected Products

References

Found a potential security threat?