CVE-2010-1645
Published: 23 August 2010
Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in (1) the FQDN field of a Device or (2) the Vertical Label field of a Graph Template.
Priority
Status
Package | Release | Status |
---|---|---|
cacti Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
hardy |
Ignored
(end of life)
|
|
jaunty |
Ignored
(end of life)
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Released
(0.8.7e-2ubuntu0.1)
|
|
maverick |
Released
(0.8.7g-1)
|
|
natty |
Released
(0.8.7g-1)
|
|
oneiric |
Released
(0.8.7g-1)
|
|
upstream |
Released
(0.8.7f)
|
|
Patches: upstream: http://svn.cacti.net/viewvc?view=rev&revision=5778 upstream: http://svn.cacti.net/viewvc?view=rev&revision=5782 upstream: http://svn.cacti.net/viewvc?view=rev&revision=5784 |