Download
| Alert*
oval:org.secpod.oval:def:56017
The host is installed with Cacti version 1.1.27 and is prone to an arbitrary OS command execution vulnerability. A flaw is present in the application, which fails to handle the issue in path_rrdtool parameter in an action=save request. Successful exploitation could allow remote authenticated adminis ... oval:org.secpod.oval:def:113631 Cacti is a complete frontend to RRDTool. It stores all of the necessary information to create graphs and populate them with data in a MySQL database. The frontend is completely PHP driven. oval:org.secpod.oval:def:113670 Cacti is a complete frontend to RRDTool. It stores all of the necessary information to create graphs and populate them with data in a MySQL database. The frontend is completely PHP driven. oval:org.secpod.oval:def:113474 Cacti is a complete frontend to RRDTool. It stores all of the necessary information to create graphs and populate them with data in a MySQL database. The frontend is completely PHP driven. oval:org.secpod.oval:def:1900283 lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=save request to settings.php. |