Published: 07/06/2007 Updated: 29/07/2017

CVSS v2 Base Score: 6.8 | Impact Score: 6.9 | Exploitability Score: 8

VMScore: 605

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_height or (2) graph_width parameter, different vectors than CVE-2007-3112.

Vulnerable Product	Search on Vulmon	Subscribe to Product
the cacti group cacti

Debian Bug report logs - #429224 [CVE-2007-3112, CVE-2007-3113] post-authentication DoS Package: cacti; Maintainer for cacti is Cacti Maintainer <pkg-cacti-maint@listsaliothdebianorg>; Source for cacti is src:cacti (PTS, buildd, popcon) Reported by: Florian Weimer <fw@denebenyode> Date: Sat, 16 Jun 2007 11:00:01 ...

Several vulnerabilities have been found in cacti, a frontend to rrdtool for monitoring systems and services The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-3112, CVE-2007-3113 It was discovered that cacti is prone to a denial of service via the graph_height, graph_width, graph_start and graph_end param ...

NVD-CWE-Other http://mdessus.free.fr/?p=15 http://bugs.cacti.net/view.php?id=955 http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956 http://secunia.com/advisories/25557 https://bugzilla.redhat.com/show_bug.cgi?id=243592 http://fedoranews.org/updates/FEDORA-2007-219.shtml http://www.mandriva.com/security/advisories?name=MDKSA-2007:184 http://secunia.com/advisories/26872 http://osvdb.org/37019 https://exchange.xforce.ibmcloud.com/vulnerabilities/34747 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429224 https://nvd.nist.gov https://www.debian.org/security/./dsa-1954

CVE-2007-3113

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect