CVE-2002-1477

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2002-1477
graphs.php in Cacti before 0.6.8 allows remote authenticated Cacti administrators to execute arbitrary commands via shell metacharacters in the title during edit mode.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html Exploit Patch Vendor Advisory
http://www.debian.org/security/2002/dsa-164 Patch Vendor Advisory
http://www.iss.net/security_center/static/10048.php Patch Vendor Advisory
http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt URL Repurposed
http://www.securityfocus.com/bid/5627
http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html Exploit Patch Vendor Advisory
http://www.debian.org/security/2002/dsa-164 Patch Vendor Advisory
http://www.iss.net/security_center/static/10048.php Patch Vendor Advisory
http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt URL Repurposed
http://www.securityfocus.com/bid/5627
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:the_cacti_group:cacti:0.5:*:*:*:*:*:*:*
cpe:2.3:a:the_cacti_group:cacti:0.6:*:*:*:*:*:*:*
cpe:2.3:a:the_cacti_group:cacti:0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:the_cacti_group:cacti:0.6.2:*:*:*:*:*:*:*
cpe:2.3:a:the_cacti_group:cacti:0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:the_cacti_group:cacti:0.6.4:*:*:*:*:*:*:*
cpe:2.3:a:the_cacti_group:cacti:0.6.5:*:*:*:*:*:*:*
cpe:2.3:a:the_cacti_group:cacti:0.6.6:*:*:*:*:*:*:*
cpe:2.3:a:the_cacti_group:cacti:0.6.7:*:*:*:*:*:*:*
cpe:2.3:a:the_cacti_group:cacti:0.6.8:*:*:*:*:*:*:*
History

20 Nov 2024, 23:41

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html - Exploit, Patch, Vendor Advisory () http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html - Exploit, Patch, Vendor Advisory
References () http://www.debian.org/security/2002/dsa-164 - Patch, Vendor Advisory () http://www.debian.org/security/2002/dsa-164 - Patch, Vendor Advisory
References () http://www.iss.net/security_center/static/10048.php - Patch, Vendor Advisory () http://www.iss.net/security_center/static/10048.php - Patch, Vendor Advisory
References () http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt - URL Repurposed () http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt - URL Repurposed
References () http://www.securityfocus.com/bid/5627 - () http://www.securityfocus.com/bid/5627 -

14 Feb 2024, 01:17

Type Values Removed Values Added
References (MISC) http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt - (MISC) http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt - URL Repurposed
Information

Published : 2003-04-22 04:00

Updated : 2024-11-20 23:41

NVD link : CVE-2002-1477

Mitre link : CVE-2002-1477

CVE.ORG link : CVE-2002-1477

JSON object : View

Products Affected

the_cacti_group

  • cacti
CWE
NVD-CWE-Other

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024