CVE Vulnerability

CVE-2007-3113

Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_height or (2) graph_width parameter, different vectors than CVE-2007-3112.

6.8 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8 / Impact : 6.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

Scope

References
Link Resource
http://mdessus.free.fr/?p=15
http://bugs.cacti.net/view.php?id=955
http://svn.cacti.net/cgi-bin/viewcvs.cgi/branches/BRANCH_0_8_6/cacti/graph_image.php?rev=3956&r1=3898&r2=3956 Patch
http://secunia.com/advisories/25557 Patch Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=243592
http://fedoranews.org/updates/FEDORA-2007-219.shtml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:184
http://secunia.com/advisories/26872
http://osvdb.org/37019
https://exchange.xforce.ibmcloud.com/vulnerabilities/34747
Configurations

Configuration 1

cpe:2.3:a:the_cacti_group:cacti:*:*:*:*:*:*:*:*
Information

Published : 2007-06-07 09:30

Updated : 2017-07-29 01:31

NVD link : CVE-2007-3113

Mitre link : CVE-2007-3113

Products Affected
No products.
CWE
NVD-CWE-Other