PT-2007-4397 · Cacti · Cacti

Ville Skyttä

Published

2007-06-07

Updated

2017-07-29

CVE-2007-3113

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions: Cacti version 0.8.6i

Description: The issue allows remote authenticated users to cause a denial of service, specifically CPU consumption, by providing a large value for the graph height or graph width parameter.

Recommendations: For version 0.8.6i, restrict the input values for the graph height and graph width parameters to prevent excessive CPU consumption. At the moment, there is no information about a newer version that contains a fix for this issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-3113

DSA-1954-1

Affected Products

Cacti

PT-2007-4397 · Cacti · Cacti

CVE-2007-3113

Related Identifiers

Affected Products

References · 15