FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
04104985-d846-11de-84e4-00215af774f0cacti -- cross-site scripting issues

The cacti development team reports:

The Cross-Site Scripting patch has been posted.

This patch addresses cross-site scripting issues reported by Moritz Naumann.


Discovery 2009-11-21
Entry 2009-11-23
Modified 2010-05-02
cacti
lt 0.8.7e4

CVE-2009-4032
http://docs.cacti.net/#cross-site_scripting_fixes
0bfda05f-2e6f-11e5-a4a5-002590263bf5cacti -- Multiple XSS and SQL injection vulnerabilities

The Cacti Group, Inc. reports:

Important Security Fixes

  • Multiple XSS and SQL injection vulnerabilities
  • CVE-2015-4634 - SQL injection in graphs.php

Changelog

  • bug: Fixed various SQL Injection vectors
  • bug#0002574: SQL Injection Vulnerabilities in graph items and graph template items
  • bug#0002577: CVE-2015-4634 - SQL injection in graphs.php
  • bug#0002579: SQL Injection Vulnerabilities in data sources
  • bug#0002580: SQL Injection in cdef.php
  • bug#0002582: SQL Injection in data_templates.php
  • bug#0002583: SQL Injection in graph_templates.php
  • bug#0002584: SQL Injection in host_templates.php

Discovery 2015-07-12
Entry 2015-07-20
cacti
lt 0.8.8e

CVE-2015-4634
ports/201702
http://www.cacti.net/release_notes_0_8_8e.php
http://seclists.org/oss-sec/2015/q3/150
1cf00643-ed8a-11d9-8310-0001020eed82cacti -- multiple vulnerabilities

Stefan Esser reports:

Wrongly implemented user input filters lead to multiple SQL Injection vulnerabilities which can lead f.e. to disclosure of the admin password hash.

Wrongly implemented user input filters allows injection of user input into executed commandline.

Alberto Trivero posted his Remote Command Execution Exploit for Cacti <= 0.8.6d to Bugtraq on the 22th June. Having analysed his bug we come to the conclusion, that the malfunctioning input filters, which were already mentioned in the previous advisory are also responsible for this bug still being exploitable.

A HTTP headers bypass switch can also be used to completely bypass the authentification system of Cacti. As admin it is possible to execute shell commands with the permission of the webserver.

While looking at the source of Cacti a HTTP headers bypass switch was discovered, that also switches off a call to session_start() and the manual application of addslashes() in case of magic_quotes_gpc=Off.

When register_globals is turned on* an attacker can use this switch to disables Cacti's use of PHP's session support and therefore supply the session variables on his own through f.e. the URL. Additionally using the switch renders several SQL statements vulnerable to SQL Injections attacks, when magic_quotes_gpc is turned off, which is the recommended setting.

Logged in as an admin it is possible to issue shell commands.

(*) register_globals is turned off by default since PHP 4.2 but is activated on most servers because of older scripts requiring it.


Discovery 2005-06-22
Entry 2005-07-05
cacti
lt 0.8.6f

http://marc.theaimsgroup.com/?l=bugtraq&m=111954136315248
http://www.hardened-php.net/advisory-032005.php
http://www.hardened-php.net/advisory-042005.php
http://www.hardened-php.net/advisory-052005.php
41da2ba4-a24e-11db-bd24-000f3dcc6a5dcacti -- Multiple vulnerabilities

Secunia reports:

rgod has discovered four vulnerabilities in Cacti, which can be exploited by malicious people to bypass certain security restrictions, manipulate data and compromise vulnerable systems.


Discovery 2006-12-28
Entry 2007-01-12
cacti
lt 0.8.6i.4

http://secunia.com/advisories/23528/
http://forums.cacti.net/about18846-0-asc-0.html
5198ef84-4fdc-11df-83fb-0015587e2cc1cacti -- SQL injection and command execution vulnerabilities

Bonsai information security reports:

A Vulnerability has been discovered in Cacti, which can be exploited by any user to conduct SQL Injection attacks. Input passed via the "export_item_id" parameter to "templates_export.php" script is not properly sanitized before being used in a SQL query.

The same source also reported a command execution vulnerability. This second issue can be exploited by Cacti users who have the rights to modify device or graph configurations.


Discovery 2010-04-21
Entry 2010-04-24
Modified 2013-06-16
cacti
le 0.8.7e4

CVE-2010-1431
ports/146021
http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.php
http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-sql-injection-0104.php
http://www.debian.org/security/2010/dsa-2039
6167b341-250c-11e6-a6fb-003048f2e514cacti -- multiple vulnerabilities

The Cacti Group, Inc. reports:

Changelog

  • bug:0002667: Cacti SQL Injection Vulnerability
  • bug:0002673: CVE-2016-3659 - Cacti graph_view.php SQL Injection Vulnerability
  • bug:0002656: Authentication using web authentication as a user not in the cacti database allows complete access (regression)

Discovery 2016-04-04
Entry 2016-05-28
cacti
lt 0.8.8h

CVE-2016-3659
http://www.cacti.net/release_notes_0_8_8h.php
http://bugs.cacti.net/view.php?id=2673
http://seclists.org/fulldisclosure/2016/Apr/4
http://packetstormsecurity.com/files/136547/Cacti-0.8.8g-SQL-Injection.html
79c1154d-d5a5-11da-8098-00123ffe8333cacti -- ADOdb "server.php" Insecure Test Script Security Issue

Secunia reports:

Cacti have a security issue, which can be exploited by malicious people to execute arbitrary SQL code and potentially compromise a vulnerable system.

The problem is caused due to the presence of the insecure "server.php" test script.


Discovery 2006-01-09
Entry 2006-04-27
cacti
lt 0.8.6h

http://secunia.com/advisories/18276/
http://secunia.com/advisories/17418/
86224a04-26de-11ea-97f2-001a8c5c04b6cacti -- multiple vulnerabilities

The cacti developers reports:

When viewing graphs, some input variables are not properly checked (SQL injection possible).

Multiple instances of lib/functions.php are affected by unsafe deserialization of user-controlled data to populate arrays. An authenticated attacker could use this to influence object data values and control actions taken by Cacti or potentially cause memory corruption in the PHP module.


Discovery 2019-10-12
Entry 2020-01-06
cacti
lt 1.2.8

https://github.com/Cacti/cacti/releases/tag/release%2F1.2.8
CVE-2019-17357
CVE-2019-17358
ports/242834
96948a6a-e239-11d9-83cf-0010dc5df42dcacti -- potential SQL injection and cross site scripting attacks

iDEFENSE security group disclosed potential SQL injection attacks from unchecked user input and two security holes regarding potential cross site scripting attacks


Discovery 2005-06-21
Entry 2005-06-21
cacti
le 0.8.6d

http://www.cacti.net/release_notes_0_8_6e.php
a0e74731-181b-11e5-a1cf-002590263bf5cacti -- multiple security vulnerabilities

The Cacti Group, Inc. reports:

Important Security Fixes

  • CVE-2013-5588 - XSS issue via installer or device editing
  • CVE-2013-5589 - SQL injection vulnerability in device editing
  • CVE-2014-2326 - XSS issue via CDEF editing
  • CVE-2014-2327 - Cross-site request forgery (CSRF) vulnerability
  • CVE-2014-2328 - Remote Command Execution Vulnerability in graph export
  • CVE-2014-4002 - XSS issues in multiple files
  • CVE-2014-5025 - XSS issue via data source editing
  • CVE-2014-5026 - XSS issues in multiple files

Discovery 2014-11-23
Entry 2015-06-21
cacti
lt 0.8.8c

CVE-2013-5588
CVE-2013-5589
CVE-2014-2326
CVE-2014-2327
CVE-2014-2328
CVE-2014-4002
CVE-2014-5025
CVE-2014-5026
ports/198586
http://sourceforge.net/p/cacti/mailman/message/33072838/
http://www.cacti.net/release_notes_0_8_8c.php
a3929112-181b-11e5-a1cf-002590263bf5cacti -- Multiple XSS and SQL injection vulnerabilities

The Cacti Group, Inc. reports:

Important Security Fixes

  • Multiple XSS and SQL injection vulnerabilities

Changelog

  • bug: Fixed SQL injection VN: JVN#78187936 / TN:JPCERT#98968540
  • bug#0002542: [FG-VD-15-017] Cacti Cross-Site Scripting Vulnerability Notification
  • bug#0002571: SQL Injection and Location header injection from cdef id CVE-2015-4342
  • bug#0002572: SQL injection in graph template

Discovery 2015-06-09
Entry 2015-06-21
cacti
lt 0.8.8d

CVE-2015-4342
ports/200963
http://www.cacti.net/release_notes_0_8_8d.php
http://seclists.org/fulldisclosure/2015/Jun/19
b3b8d491-0fbb-11e3-8c50-1c6f65c11ee6cacti -- allow remote attackers to execute arbitrary SQL commands

Cacti release reports:

Multiple security vulnerabilities have been fixed:

  • SQL injection vulnerabilities

Discovery 2013-08-06
Entry 2013-08-29
cacti
lt 0.8.8b

CVE-2013-1434
CVE-2013-1435
http://www.cacti.net/release_notes_0_8_8b.php
bb961ff3-b3a4-11e5-8255-5453ed2e2b49cacti -- SQL injection vulnerabilities

NVD reports:

SQL injection vulnerability in include/top_graph_header.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rra_id parameter in a properties action to graph.php.


Discovery 2015-12-05
Entry 2016-01-05
cacti
le 0.8.8f_1

CVE-2015-8369
http://bugs.cacti.net/view.php?id=2646
http://svn.cacti.net/viewvc?view=rev&revision=7767
http://seclists.org/fulldisclosure/2015/Dec/8
ca543e06-207a-11d9-814e-0001020eed82cacti -- SQL injection

Fernando Quintero reports that Cacti 0.8.5a suffers from a SQL injection attack where an attacker can change the password for any Cacti user. This attack is not possible if the PHP option magic_quotes_gpc is set to On, which is the default for PHP in FreeBSD.


Discovery 2004-08-16
Entry 2004-10-17
cacti
lt 0.8.6

http://marc.theaimsgroup.com/?l=full-disclosure&m=109269427427368
cd2dc126-cfe4-11ea-9172-4c72b94353b5Cacti -- multiple vulnerabilities

Cacti developers reports:

Multiple fixes for bundled jQuery to prevent code exec (CVE-2020-11022, CVE-2020-11023).

PHPMail contains a escaping bug (CVE-2020-13625).

SQL Injection via color.php in Cacti (CVE-2020-14295).


Discovery 2020-07-15
Entry 2020-07-27
cacti
lt 1.2.13

https://www.cacti.net/release_notes.php?version=1.2.13
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11023
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13625
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14295
CVE-2020-11022
CVE-2020-11023
CVE-2020-13625
CVE-2020-14295
cd864f1a-8e5a-11ea-b5b4-641c67a117d8cacti -- XSS exposure

Cacti developer reports:

Lack of escaping of color items can lead to XSS exposure.


Discovery 2020-04-16
Entry 2020-05-04
cacti
lt 1.2.12

https://sourceforge.net/p/cacti/mailman/message/37000502/
https://github.com/Cacti/cacti/blob/release/1.2.12/CHANGELOG
CVE-2020-7106
ports/246164
db3301be-e01c-11e5-b2bd-002590263bf5cacti -- multiple vulnerabilities

The Cacti Group, Inc. reports:

Changelog

  • bug:0002652: CVE-2015-8604: SQL injection in graphs_new.php
  • bug:0002655: CVE-2015-8377: SQL injection vulnerability in the host_new_graphs_save function in graphs_new.php
  • bug:0002656: Authentication using web authentication as a user not in the cacti database allows complete access

Discovery 2016-02-21
Entry 2016-03-02
cacti
lt 0.8.8g

CVE-2015-8377
CVE-2015-8604
CVE-2016-2313
http://www.cacti.net/release_notes_0_8_8g.php
http://bugs.cacti.net/view.php?id=2652
http://bugs.cacti.net/view.php?id=2655
http://bugs.cacti.net/view.php?id=2656
http://www.openwall.com/lists/oss-security/2016/02/09/3
db570002-ce06-11e7-804e-c85b763a2f96cacti -- multiple vulnerabilities

cacti reports:

Changelog

issue#1057: CVE-2017-16641 - Potential vulnerability in RRDtool functions

issue#1066: CVE-2017-16660 in remote_agent.php logging function

issue#1066: CVE-2017-16661 in view log file

issue#1071: CVE-2017-16785 in global_session.php Reflection XSS


Discovery 2017-11-01
Entry 2017-11-20
cacti
lt 1.1.28

CVE-2017-16641
CVE-2017-16660
CVE-2017-16661
CVE-2017-16785
https://sourceforge.net/p/cacti/mailman/message/36122745/
dc3c66e8-6a18-11e7-93af-005056925db4Cacti -- Cross-site scripting (XSS) vulnerability in link.php

kimiizhang reports:

Cross-site scripting (XSS) vulnerability in link.php in Cacti

1.1.12 allows remote anonymous users to inject arbitrary web

script or HTML via the id parameter.


Discovery 2017-07-05
Entry 2017-07-17
cacti
ge 1.0.0 lt 1.1.13

https://github.com/Cacti/cacti/issues/838
https://www.cacti.net/release_notes.php?version=1.1.13
CVE-2017-10970
dea7df85-d96c-11dc-9bfc-000e0c092e7acacti -- Multiple security vulnerabilities have been discovered

The cacti development team reports:

Multiple security vulnerabilities have been discovered in Cacti's web interface:

  • XSS vulnerabilities
  • Path disclosure vulnerabilities
  • SQL injection vulnerabilities
  • HTTP response splitting vulnerabilities

Discovery 2008-02-12
Entry 2008-02-12
cacti
lt 0.8.7b

http://forums.cacti.net/about25749.html
e02e6a4e-6b26-11df-96b2-0015587e2cc1cacti -- multiple vulnerabilities

Multiple vulnerabilities have been reported to exist in older version of Cacti. The release notes of Cacti 0.8.7f summarizes the problems as follows:

  • SQL injection and shell escaping issues
  • Cross-site scripting issues
  • Cacti Graph Viewer SQL injection vulnerability

Discovery 2010-05-24
Entry 2010-06-24
cacti
lt 0.8.7f

http://php-security.org/2010/05/13/mops-2010-023-cacti-graph-viewer-sql-injection-vulnerability/index.html
http://www.cacti.net/release_notes_0_8_7f.php
http://www.bonsai-sec.com/en/research/vulnerabilities/cacti-os-command-injection-0105.php
http://www.vupen.com/english/advisories/2010/1204
e1cb9dc9-daa9-44db-adde-e94d900e2f7fcacti -- Cross Site Scripting issue

cacti developers report:

The file include/global_session.php in Cacti 1.1.25 has XSS related to (1) the URI or (2) the refresh page.


Discovery 2017-10-10
Entry 2017-10-19
cacti
lt 1.1.26

http://www.securitytracker.com/id/1039569
https://github.com/Cacti/cacti/commit/93f661d8adcfa6618b11522cdab30e97bada33fd
https://github.com/Cacti/cacti/issues/1010
CVE-2017-15194
e2b564fc-7462-11ea-af63-38d547003487cacti -- multiple vulnerabilities

The Cacti developers reports:

When guest users have access to realtime graphs, remote code could be executed (CVE-2020-8813).

Lack of escaping on some pages can lead to XSS exposure (CVE-2020-7106).

Remote Code Execution due to input validation failure in Performance Boost Debug Log (CVE-2020-7237).


Discovery 2020-02-04
Entry 2020-04-02
cacti
lt 1.2.10

https://github.com/Cacti/cacti/releases/tag/release%2F1.2.10
https://nvd.nist.gov/vuln/detail/CVE-2020-8813
https://nvd.nist.gov/vuln/detail/CVE-2020-7106
https://nvd.nist.gov/vuln/detail/CVE-2020-7237
CVE-2020-8813
CVE-2020-7106
CVE-2020-7237
ports/245198
e4cd0b38-c9f9-11eb-87e1-08002750c711cacti -- SQL Injection was possible due to incorrect validation order

Cati team reports:

Due to a lack of validation, data_debug.php can be the source of a SQL injection.


Discovery 2020-12-24
Entry 2021-06-10
Modified 2021-06-24
cacti
ge 1.2 lt 1.2.17

CVE-2020-35701
https://github.com/Cacti/cacti/issues/4022
ed18aa92-e4f4-11e9-b6fa-3085a9a95629cacti -- Authenticated users may bypass authorization checks

The cacti developers reports:

In Cacti through 1.2.6, authenticated users may bypass authorization checks (for viewing a graph) via a direct graph_json.php request with a modified local_graph_id parameter.


Discovery 2019-09-23
Entry 2019-10-02
cacti
lt 1.2.7

CVE-2019-16723
https://github.com/Cacti/cacti/releases/tag/release%2F1.2.7
f08e2c15-ffc9-11e0-b0f3-bcaec565249ccacti -- Multiple vulnerabilities

Cacti Group reports:

SQL injection issue with user login, and cross-site scripting issues.


Discovery 2011-09-26
Entry 2011-10-26
cacti
lt 0.8.7h

http://www.cacti.net/release_notes_0_8_7h.php
f86d0e5d-7467-11e7-93af-005056925db4Cacti -- Cross-site scripting (XSS) vulnerability in auth_profile.php

kimiizhang reports:

Cross-site scripting (XSS) vulnerability in auth_profile.php in Cacti 1.1.13 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers.


Discovery 2017-07-20
Entry 2017-07-29
cacti
eq 1.1.13

https://github.com/Cacti/cacti/issues/867
https://www.cacti.net/release_notes.php?version=1.1.14
CVE-2017-11691