CVE-2007-3112
First published: Thu Jun 07 2007(Updated: )
graph_image.php in Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_start or (2) graph_end parameter, different vectors than CVE-2007-3113.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| The Cacti Group Cacti | <=0.8.6i |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://mdessus.free.fr/?p=15
- http://bugs.cacti.net/view.php?id=955
- http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956
- http://secunia.com/advisories/25557
- https://bugzilla.redhat.com/show_bug.cgi?id=243592
- http://fedoranews.org/updates/FEDORA-2007-219.shtml
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:184
- http://secunia.com/advisories/26872
- http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0074.html
- http://osvdb.org/37019
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34747
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/remedy
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- vendor/the cacti group
- canonical/the cacti group cacti
- version/the cacti group cacti/0.8.6i