Ubuntu
cacti package

[SECURITY] CVE-2008-0783 and CVE-2008-0784

Bug #192199 reported by Stephan Rügamer
256
Affects Status Importance Assigned to Milestone
cacti (Ubuntu)
Fix Released
Undecided
Stephan Rügamer
Dapper
Fix Released
Medium
Stephan Rügamer
Edgy
Fix Released
Medium
Emanuele Gentili
Feisty
Fix Released
Medium
Stephan Rügamer
Gutsy
Fix Released
Medium
Stephan Rügamer

Bug Description

Binary package hint: cacti

Dear Colleagues,

there are two CVEs hanging for Cacti:

CVE-2008-0783:
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to inject arbitrary web script or HTML via the (1) view_type parameter to graph.php, (2) filter parameter to graph_view.php, and (3) action and login_username parameters to index.php/login.

CVE-2008-0784:
graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows remote attackers to obtain the full path via an invalid local_graph_id parameter and other unspecified vectors.

Stephan Rügamer (sruegamer)
Changed in cacti:
assignee: nobody → shermann
status: New → In Progress
Stephan Rügamer (sruegamer)
Changed in cacti:
assignee: nobody → shermann
status: New → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cacti - 0.8.7a-2ubuntu1

---------------
cacti (0.8.7a-2ubuntu1) hardy; urgency=low

  * debian/patches/cmd-php-non-unique-hosts.patch:
    - added to fix the "Graph Logic Syntax" Issue (LP: #192201)
  * debian/patches/graph-issue-wrra-specs.patch:
    - added to fix the "Hosts with Duplicate IP Address Not Polled"
      (LP: #192203)
  * debian/patches/CVE-2008-0783_CVE-2008-0784_secfix.patch:
    - added to fix those to security issues (LP: #192199)
  * debian/rules:
    - added cli directory to cp command (LP: #185858)
  * Modify Maintainer value to match the DebianMaintainerField
    specification.

 -- Stephan Hermann <email address hidden> Fri, 15 Feb 2008 19:50:07 +0100

Changed in cacti:
status: In Progress → Fix Released
Revision history for this message
Stephan Rügamer (sruegamer) wrote :
Stephan Rügamer (sruegamer)
Changed in cacti:
assignee: nobody → shermann
status: New → In Progress
Revision history for this message
Stephan Rügamer (sruegamer) wrote :
Revision history for this message
Stephan Rügamer (sruegamer) wrote :
Changed in cacti:
assignee: nobody → shermann
status: New → In Progress
importance: Undecided → Medium
importance: Undecided → Medium
importance: Undecided → Medium
Revision history for this message
Emanuele Gentili (emgent) wrote :
Emanuele Gentili (emgent)
Changed in cacti:
importance: Undecided → Medium
status: New → Confirmed
assignee: nobody → emgent
Emanuele Gentili (emgent)
Changed in cacti:
status: Confirmed → In Progress
Revision history for this message
Emanuele Gentili (emgent) wrote :

Added CVE 2008-0785 and CVE 2008-0786, please dont upload this now.
patching in progress.

Revision history for this message
Emanuele Gentili (emgent) wrote :

According to jdstrand, it's possible upload this patchs.

For CVE-2008-0785 and CVE-2008-0786 opened new bug (#193744)

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cacti - 0.8.6j-1.1ubuntu0.2

---------------
cacti (0.8.6j-1.1ubuntu0.2) gutsy-security; urgency=low

  * SECURITY UPDATE: (LP: #192199)
    + CVE-2008-0783: Multiple cross-site scripting (XSS) vulnerabilities in
      Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to
      inject arbitrary web script or HTML via the (1) view_type parameter to
      graph.php, (2) filter parameter to graph_view.php, and (3) action and
      login_username parameters to index.php/login.
    + CVE-2008-0784: graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before
      0.8.6k allows remote attackers to obtain the full path via an invalid
      local_graph_id parameter and other unspecified vectors.
  * debian/patches/11_CVE-2008-0783_CVE-2008-0784.dpatch: applied patch by
    upstream.
    (Link: http://www.cacti.net/downloads/patches/0.8.6j/multiple_vulnerabilities-0.8.6j.patch)
  * References:
    CVE-2008-0783
    CVE-2008-0784

 -- Stephan Hermann <email address hidden> Fri, 15 Feb 2008 20:26:11 +0100

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package cacti - 0.8.6i-3ubuntu0.2

---------------
cacti (0.8.6i-3ubuntu0.2) feisty-security; urgency=low

  * SECURITY UPDATE: (LP: #192199)
    + CVE-2008-0783: Multiple cross-site scripting (XSS) vulnerabilities in
      Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to
      inject arbitrary web script or HTML via the (1) view_type parameter to
      graph.php, (2) filter parameter to graph_view.php, and (3) action and
      login_username parameters to index.php/login.
    + CVE-2008-0784: graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before
      0.8.6k allows remote attackers to obtain the full path via an invalid
      local_graph_id parameter and other unspecified vectors.
  * debian/patches/11_CVE-2008-0783_CVE-2008-0784.dpatch: applied patch by
    upstream. (backported from 0.8.6j)
    (Link: http://www.cacti.net/downloads/patches/0.8.6j/multiple_vulnerabilities-0.8.6j.patch)
  * References:
    CVE-2008-0783
    CVE-2008-0784

 -- Stephan Hermann <email address hidden> Fri, 15 Feb 2008 21:10:36 +0100

Changed in cacti:
status: In Progress → Fix Released
status: In Progress → Fix Released
Jamie Strandboge (jdstrand)
Changed in cacti:
status: In Progress → Fix Released
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.