CVE-2005-2149 - OpenCVE

config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
The Cacti Group	Cacti

Configuration 1 [-]

OR	cpe:2.3:a:the_cacti_group:cacti:0.8:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.1:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.2:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.2a:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.3:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.3a:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.4:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.5:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.5a:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.6:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.6a:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.6b:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.6c:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.6d:::::::*
	cpe:2.3:a:the_cacti_group:cacti:0.8.6e:::::::*

No data.

References

Link	Providers
http://securitytracker.com/id?1014361
http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1
http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch
http://www.debian.org/security/2005/dsa-764
http://www.hardened-php.net/advisory-052005.php
http://www.securityfocus.com/archive/1/404040
http://www.securityfocus.com/bid/14130
http://www.vupen.com/english/advisories/2005/0951

History

No history.

MITRE

Status: PUBLISHED

Assigner: debian

Published: 2005-07-06T04:00:00

Updated: 2024-08-07T22:15:37.380Z

Reserved: 2005-07-06T00:00:00

Link: CVE-2005-2149

Vulnrichment

No data.

NVD

Status : Modified

Published: 2005-07-06T04:00:00.000

Modified: 2011-03-08T02:23:29.720

Link: CVE-2005-2149

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-07-01T00:00:00", "descriptions": [{"lang": "en", "value": "config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2006-09-07T09:00:00", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch"}, {"tags": ["x_refsource_MISC"], "url": "http://www.hardened-php.net/advisory-052005.php"}, {"name": "14130", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/14130"}, {"name": "[cacti-announce] 20050701 Cacti 0.8.6f Released", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1"}, {"name": "ADV-2005-0951", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2005/0951"}, {"name": "DSA-764", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2005/dsa-764"}, {"name": "1014361", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1014361"}, {"name": "20050702 Advisory 05/2005: Cacti Authentification/Addslashes Bypass Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/404040"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@debian.org", "ID": "CVE-2005-2149", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch", "refsource": "CONFIRM", "url": "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch"}, {"name": "http://www.hardened-php.net/advisory-052005.php", "refsource": "MISC", "url": "http://www.hardened-php.net/advisory-052005.php"}, {"name": "14130", "refsource": "BID", "url": "http://www.securityfocus.com/bid/14130"}, {"name": "[cacti-announce] 20050701 Cacti 0.8.6f Released", "refsource": "MLIST", "url": "http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1"}, {"name": "ADV-2005-0951", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2005/0951"}, {"name": "DSA-764", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-764"}, {"name": "1014361", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1014361"}, {"name": "20050702 Advisory 05/2005: Cacti Authentification/Addslashes Bypass Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/404040"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T22:15:37.380Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.hardened-php.net/advisory-052005.php"}, {"name": "14130", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/14130"}, {"name": "[cacti-announce] 20050701 Cacti 0.8.6f Released", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1"}, {"name": "ADV-2005-0951", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2005/0951"}, {"name": "DSA-764", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2005/dsa-764"}, {"name": "1014361", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1014361"}, {"name": "20050702 Advisory 05/2005: Cacti Authentification/Addslashes Bypass Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/404040"}]}]}, "cveMetadata": {"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2005-2149", "datePublished": "2005-07-06T04:00:00", "dateReserved": "2005-07-06T00:00:00", "dateUpdated": "2024-08-07T22:15:37.380Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B3BBF3F3-18C0-49C5-99B0-80FCD133532B", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D1896A7C-6938-494D-90A5-E10BC91EB37D", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "19CD9A10-32F6-45A4-8793-87E0C2E78675", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.2a:*:*:*:*:*:*:*", "matchCriteriaId": "C6EF1390-E1B5-45B0-8732-A7004351E1BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "5D3D7996-E56A-4B72-864E-EC6037028351", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.3a:*:*:*:*:*:*:*", "matchCriteriaId": "000AE712-7298-4CA1-930B-4DF372671EDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "CFD258DF-CB70-484C-9A6F-F9ABDB012C8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "DFF12ADC-83AA-45FE-9678-F49D05234D39", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.5a:*:*:*:*:*:*:*", "matchCriteriaId": "43FD0F4A-4811-4B4A-AF03-8FBC63A99CE9", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "166938A7-2DE3-456D-BE47-6041895E2204", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.6a:*:*:*:*:*:*:*", "matchCriteriaId": "C7C5ABA2-9BCB-420A-A9E3-8B590F3DD4C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.6b:*:*:*:*:*:*:*", "matchCriteriaId": "EB59E467-8AA1-4D95-B81A-2EFF6F19C34A", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.6c:*:*:*:*:*:*:*", "matchCriteriaId": "81F29217-19A4-453D-8290-D35049E45160", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.6d:*:*:*:*:*:*:*", "matchCriteriaId": "B424B2E4-5F57-411D-8A69-91E8975A7D33", "vulnerable": true}, {"criteria": "cpe:2.3:a:the_cacti_group:cacti:0.8.6e:*:*:*:*:*:*:*", "matchCriteriaId": "1CAB1F6F-06D2-40C7-9D9C-0ABAADDEAC72", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL injection attacks."}], "id": "CVE-2005-2149", "lastModified": "2011-03-08T02:23:29.720", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-07-06T04:00:00.000", "references": [{"source": "security@debian.org", "url": "http://securitytracker.com/id?1014361"}, {"source": "security@debian.org", "tags": ["Patch"], "url": "http://sourceforge.net/mailarchive/forum.php?forum_id=10360&max_rows=25&style=flat&viewmonth=200507&viewday=1"}, {"source": "security@debian.org", "tags": ["Patch"], "url": "http://www.cacti.net/downloads/patches/0.8.6e/cacti-0.8.6f_security.patch"}, {"source": "security@debian.org", "url": "http://www.debian.org/security/2005/dsa-764"}, {"source": "security@debian.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.hardened-php.net/advisory-052005.php"}, {"source": "security@debian.org", "url": "http://www.securityfocus.com/archive/1/404040"}, {"source": "security@debian.org", "url": "http://www.securityfocus.com/bid/14130"}, {"source": "security@debian.org", "url": "http://www.vupen.com/english/advisories/2005/0951"}], "sourceIdentifier": "security@debian.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}