Описание
config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 0.8.6h-1ubuntu3.1 |
| devel | released | 0.8.6i-3 |
| edgy | released | 0.8.6h-3ubuntu0.1 |
| feisty | released | 0.8.6i-3 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
10 Critical
CVSS2
Связанные уязвимости
config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.
config.php in Cacti 0.8.6e and earlier allows remote attackers to set ...
config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.
10 Critical
CVSS2