Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:PHP:CACTI-CONFIG-INC |
|---|---|
Severity |
Major |
Recommended |
No |
Category |
HTTP |
Keywords |
RaXnet Cacti Config_Settings.PHP Remote File Inclusion |
Release Date |
2007/01/17 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: RaXnet Cacti Config_Settings.PHP Remote File Inclusion
This signature detects attempts to exploit a known vulnerability against RaXnet Cacti. A successful attack can lead to arbitrary code execution.
Extended Description
RaXnet Cacti is prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'config_settings.php' script. An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.
Affected Products
- Conectiva linux 10.0.0
- Conectiva linux 9.0.0
- Debian linux 3.0.0
- Debian linux 3.0.0 Alpha
- Debian linux 3.0.0 Arm
- Debian linux 3.0.0 Hppa
- Debian linux 3.0.0 Ia-32
- Debian linux 3.0.0 Ia-64
- Debian linux 3.0.0 M68k
- Debian linux 3.0.0 Mips
- Debian linux 3.0.0 Mipsel
- Debian linux 3.0.0 Ppc
- Debian linux 3.0.0 S/390
- Debian linux 3.0.0 Sparc
- Debian linux 3.1.0
- Debian linux 3.1.0 Alpha
- Debian linux 3.1.0 Arm
- Debian linux 3.1.0 Hppa
- Debian linux 3.1.0 Ia-32
- Debian linux 3.1.0 Ia-64
- Debian linux 3.1.0 M68k
- Debian linux 3.1.0 Mips
- Debian linux 3.1.0 Mipsel
- Debian linux 3.1.0 Ppc
- Debian linux 3.1.0 S/390
- Debian linux 3.1.0 Sparc
- Freebsd freebsd 4.10.0
- Freebsd freebsd 4.10.0 -RELEASE
- Freebsd freebsd 4.10.0 -RELEASE-P8
- Freebsd freebsd 4.10.0 -RELENG
- Freebsd freebsd 4.11.0 -RELEASE-P3
- Freebsd freebsd 4.11.0 -RELENG
- Freebsd freebsd 4.11.0 -STABLE
- Freebsd freebsd 5.0.0
- Freebsd freebsd 5.0.0 Alpha
- Freebsd freebsd 5.0.0 -RELEASE-P14
- Freebsd freebsd 5.0.0 -RELENG
- Freebsd freebsd 5.1.0
- Freebsd freebsd 5.1.0 -RELEASE
- Freebsd freebsd 5.1.0 -RELEASE/Alpha
- Freebsd freebsd 5.1.0 -RELEASE-P5
- Freebsd freebsd 5.1.0 -RELENG
- Freebsd freebsd 5.2.0
- Freebsd freebsd 5.2.0 -RELEASE
- Freebsd freebsd 5.2.0 -RELENG
- Freebsd freebsd 5.2.1 -RELEASE
- Freebsd freebsd 5.3.0
- Freebsd freebsd 5.3.0 -RELEASE
- Freebsd freebsd 5.3.0 -RELENG
- Freebsd freebsd 5.3.0 -STABLE
- Freebsd freebsd 5.4.0 -PRERELEASE
- Freebsd freebsd 5.4.0 -RELEASE
- Freebsd freebsd 5.4.0 -RELENG
- Gentoo linux
- Raxnet cacti 0.5.0
- Raxnet cacti 0.6.0
- Raxnet cacti 0.6.1
- Raxnet cacti 0.6.2
- Raxnet cacti 0.6.3
- Raxnet cacti 0.6.4
- Raxnet cacti 0.6.5
- Raxnet cacti 0.6.6
- Raxnet cacti 0.6.7
- Raxnet cacti 0.6.8
- Raxnet cacti 0.6.8 a
- Raxnet cacti 0.8.0
- Raxnet cacti 0.8.1
- Raxnet cacti 0.8.2
- Raxnet cacti 0.8.2 a
- Raxnet cacti 0.8.3
- Raxnet cacti 0.8.3 a
- Raxnet cacti 0.8.4
- Raxnet cacti 0.8.5
- Raxnet cacti 0.8.5 a
- Raxnet cacti 0.8.6
- Raxnet cacti 0.8.6 a
- Raxnet cacti 0.8.6 b
- Raxnet cacti 0.8.6 c
- Raxnet cacti 0.8.6 d
- Siteframe siteframe 3.0.1
- Siteframe siteframe 3.0.2
- Siteframe siteframe 3.1.0
- Siteframe siteframe 3.1.1
- Siteframe siteframe 3.1.2
- Siteframe siteframe 3.1.4
- Siteframe siteframe 3.1.6
- Siteframe siteframe 3.1.8 BETA
- Siteframe siteframe 3.1.9
- Siteframe siteframe 3.2.0 p5
- Suse linux_desktop 1.0.0
- Suse linux_enterprise_server_for_s/390 9.0.0
- Suse linux_personal 8.2.0
- Suse linux_personal 9.0.0
- Suse linux_personal 9.0.0 X86 64
- Suse linux_personal 9.1.0
- Suse linux_personal 9.1.0 X86 64
- Suse linux_personal 9.2.0
- Suse linux_personal 9.2.0 X86 64
- Suse linux_personal 9.3.0
- Suse linux_personal 9.3.0 X86 64
- Suse linux_professional 8.2.0
- Suse linux_professional 9.0.0
- Suse linux_professional 9.0.0 X86 64
- Suse linux_professional 9.1.0
- Suse linux_professional 9.1.0 X86 64
- Suse linux_professional 9.2.0
- Suse linux_professional 9.2.0 X86 64
- Suse linux_professional 9.3.0
- Suse linux_professional 9.3.0 X86 64
- Suse novell_linux_desktop 9.0.0
- Suse open-enterprise-server 9.0.0
- Suse suse_linux_enterprise_server 8
- Suse suse_linux_enterprise_server 9
- Suse suse_linux_openexchange_server 4.0.0
- Suse suse_linux_retail_solution 8.0.0
- Suse suse_linux_school_server_for_i386
- Suse suse_linux_standard_server 8.0.0
References