[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250108

 
 

909

 
 

196064

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2007-3112Date: (C)2007-06-07   (M)2023-12-22


graph_image.php in Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_start or (2) graph_end parameter, different vectors than CVE-2007-3113.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.8
Exploit Score: 10.0
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0074.html
SECUNIA-25557
SECUNIA-26872
OSVDB-37019
FEDORA-2007-2199
MDKSA-2007:184
cacti-graphstart-graphend-dos(34747)
http://bugs.cacti.net/view.php?id=955
http://mdessus.free.fr/?p=15
http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956
https://bugzilla.redhat.com/show_bug.cgi?id=243592

OVAL    2
oval:org.mitre.oval:def:6983
oval:org.secpod.oval:def:600292

© SecPod Technologies