Bug 243592 - (CVE-2007-3113) CVE-2007-3112, CVE-2007-3113: cacti DoS vulnerabilities
CVE-2007-3112, CVE-2007-3113: cacti DoS vulnerabilities
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: cacti (Show other bugs)
7
All Linux
medium Severity medium
: ---
: ---
Assigned To: Mike McGrath
Fedora Extras Quality Assurance
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-06-10 05:54 EDT by Ville Skyttä
Modified: 2007-11-30 17:12 EST (History)
2 users (show)

See Also:
Fixed In Version: 0.8.6j-8.fc7
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-09-17 23:24:44 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Ville Skyttä 2007-06-10 05:54:52 EDT
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3112
"Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to
cause a denial of service (CPU consumption) via a large value of the (1)
graph_start or (2) graph_end parameter."

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3113
"Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to
cause a denial of service (CPU consumption) via a large value of the (1)
graph_height or (2) graph_width parameter."

The patch linked to in the reports applies to 0.8.6j too.
Comment 1 Mike McGrath 2007-06-14 12:53:11 EDT
Sorry I'm not following, it seems that 0.8.6j has been fixed from these bugs, 
can you show me where you are finding otherwise?
Comment 2 Ville Skyttä 2007-06-14 13:10:49 EDT
Like I mentioned, that patch to which both of the CVE's link to, applies to
0.8.6j too.  I haven't checked beyond that.

$ make prep
[...]
$ cd cacti-0.8.6j
$ curl -s
"http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956&makepatch=1&diff_format=h"
| patch -p3
patching file graph_image.php
Hunk #1 succeeded at 51 (offset 2 lines).
Comment 3 Kevin Fenzi 2007-09-13 20:15:04 EDT
Any further word here? Is 0.8.6j vulnerable? 
Comment 4 Mike McGrath 2007-09-14 17:08:24 EDT
Confirmed, it is.  I'll apply the patches and push soon.  it has been fixed in
0.8.7 already but that is not an official release yet.
Comment 5 Fedora Update System 2007-09-17 23:24:43 EDT
cacti-0.8.6j-8.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.