what you don't know can hurt you
Showing 1 - 1 of 1 RSS Feed

Files

Debian Linux Security Advisory 2060-1
Posted Jun 16, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2060-1 - Stefan Esser discovered that cacti, a front-end to rrdtool for monitoring systems and services, is not properly validating input passed to the rra_id parameter of the graph.php script. Due to checking the input of $_REQUEST but using $_GET input in a query an unauthenticated attacker is able to perform SQL injections via a crafted rra_id $_GET value and an additional valid rra_id $_POST or $_COOKIE value.

tags | advisory, php, sql injection
systems | linux, debian
advisories | CVE-2010-2092
MD5 | 6dc00c92a031f8533edd9176ae64a1aa
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Twitter Says Olympics, IOC Accounts Hacked
Posted Feb 17, 2020

tags | headline, hacker, twitter
Police Force Denies Creating Child Hacker Poster
Posted Feb 17, 2020

tags | headline, hacker, government, britain
Hacking Brain-Computer Interfaces
Posted Feb 17, 2020

tags | headline, hacker, science
Signal Is Finally Bringing Its Secure Messaging To The Masses
Posted Feb 17, 2020

tags | headline, privacy, phone, cryptography
Privacy Experts Skeptical Of Proposed Data Protection Agency
Posted Feb 14, 2020

tags | headline, government, privacy, usa
Black Hat Asia 2020 Postponed Due To Coronavirus Concerns
Posted Feb 14, 2020

tags | headline, china, conference
Nedbank Says 1.7 Million Affected By Breach
Posted Feb 14, 2020

tags | headline, hacker, privacy, bank, cybercrime, data loss, fraud
Facebook Removes Foreign Interference Operations From Iran And Russia
Posted Feb 14, 2020

tags | headline, government, privacy, russia, data loss, fraud, cyberwar, facebook, iran
Critical XSS Vulnerability Patched In WordPress Plugin GDPR Cookie Consent
Posted Feb 13, 2020

tags | headline, flaw, wordpress
Czechs Investigating Avast Over Data Collection Policies
Posted Feb 13, 2020

tags | headline, government, privacy, virus, data loss
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close