| Field | Value |
|---|---|
| ID | 0002062 |
| Category | [Cacti] Security |
| Severity | minor |
| Reproducibility | have not tried |
| Date Submitted | 2011-09-25 12:37 |
| Last Update | 2012-10-24 03:40 |
| Reporter | rony |
| View Status | public |
| Assigned To | rony |
| Priority | high |
| Resolution | fixed |
| Status | closed |
| Projection | none |
| ETA | none |
| Product Version | 0.8.7g |
| Target Version | 0.8.7h |
| Summary | 0002062: Multiple security vulnerabilities |
| Description |

From forum post: http://forums.cacti.net/viewtopic.php?f=21&t=44116

I have installed Cacti 0.8.7g and will publish it to the internet, but my security team has done a security assessment and found some things to be fixed. Below are the security issues that should be fixed, and I have no idea how to fix them.

1. Authentication Bypass Using SQL Injection
   Example: https://IP Address/cacti/index.php (Parameter: login_username)
   Remediation: Filter out hazardous characters from user input
2. Cross-Site Scripting
   Example: https://IP Address/cacti/graph_settings.php
   Remediation: Filter out hazardous characters from user input
3. Phishing Through URL Redirection
   Example: https://IP Address/cacti/graph_settings.php (Parameter: referer)
   Remediation: Disable redirection to external sites based on parameter values
4. Stored Cross-Site Scripting
   Example: https://IP Address/cacti/graph_settings.php
   Remediation: Filter out hazardous characters from user input
5. Cross-Site Request Forgery
   Example: https://IP Address/cacti/logout.php
   Remediation: Decline malicious requests
6. Inadequate Account Lockout
   Example: https://IP Address/cacti/index.php (Parameter: login_password)
   Remediation: Enforce account lockout after several failed login attempts
7. Phishing Through Frames
   Example: https://IP Address/cacti/graph_settings.php (Parameter: num_columns)
   Remediation: Filter out hazardous characters from user input
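The URL-redirection finding (item 3, the referer parameter on graph_settings.php) is remediated by refusing any redirect target that is not a path on the site itself. The following PHP check is an added example written for this page, not Cacti's own code; the function name safe_local_redirect and the index.php fallback are assumptions.

```php
<?php
// Added example, not Cacti's own code. Restricts a user-supplied redirect
// target (such as the "referer" parameter on graph_settings.php) to a path on
// this site, so a crafted link cannot bounce a logged-in user to another host.
// The function name and the default landing page are assumptions.

function safe_local_redirect(string $target, string $default = 'index.php'): string
{
    // Control characters could split the Location header; refuse them outright.
    if ($target === '' || preg_match('/[\x00-\x1f\x7f]/', $target)) {
        return $default;
    }

    // Browsers treat "\" like "/" in URLs, so "/\host" would otherwise slip
    // past a check for "//". Normalise before parsing.
    $target = str_replace('\\', '/', $target);

    $parts = parse_url($target);
    if ($parts === false) {
        return $default;
    }

    // A scheme (http:, javascript:, data:) or any authority component
    // (including protocol-relative "//host") means the destination leaves
    // this site.
    foreach (['scheme', 'host', 'port', 'user', 'pass'] as $key) {
        if (isset($parts[$key])) {
            return $default;
        }
    }

    // Accept only a plain path whose segments are ordinary file or directory
    // names: no "." or ".." components, no empty segments ("//"), no
    // percent-encoding tricks.
    $path = $parts['path'] ?? '';
    foreach (explode('/', ltrim($path, '/')) as $segment) {
        if ($segment === '' || $segment === '.' || $segment === '..'
            || !preg_match('/^[A-Za-z0-9_.-]+$/', $segment)) {
            return $default;
        }
    }

    // Rebuild the destination only from the parts that were checked; the
    // fragment is dropped because it never reaches the server anyway.
    $query = isset($parts['query']) ? '?' . $parts['query'] : '';
    return $path . $query;
}

// Usage at the redirect site (constructed illustration):
header('Location: ' . safe_local_redirect($_GET['referer'] ?? ''));
exit;
```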
| Steps To Reproduce | |
| Additional Information | |
| Tags | No tags attached. |
| Attached Files | |

Notes
(0005880) rony (administrator) 2011-09-25 20:00
SQL injection fixed for 0.8.7h release.

(0005883) red_garlic (reporter) 2011-09-29 21:32
Hi, I've attached the full security assessment report. Hope it can help. Thanks.

(0005884) TheWitness (developer) 2011-10-02 22:33
Thanks, TheWitness

(0005900) red_garlic (reporter) 2011-10-11 23:42
Hi, I have updated to 0.8.7h and got a positive result for the security assessment. Only 3 items need to be fixed:

1. Cross-Site Scripting
   Example: https://IP/cacti/graph_settings.php
   Remediation: Filter out hazardous characters from user input
2. Stored Cross-Site Scripting
   Example: https://IP/cacti/graph_settings.php
   Remediation: Filter out hazardous characters from user input
3. Cross-Site Request Forgery
   Example: https://IP/cacti/logout.php
   Remediation: Decline malicious requests

Thanks.

(0005902) TheWitness (developer) 2011-10-12 14:10
This must have been done with the PIA installed. Can you confirm?

(0005903) TheWitness (developer) 2011-10-12 15:09
Of the issues above, all but 6 (Inadequate Account Lockout) have been addressed. Item 6 from above is a feature request. I'll defer to Rony. I know that cigamit wrote a C3 security layer on Cacti already, but I don't believe it is publicly available.

(0005918) TheWitness (developer) 2011-10-24 21:12
All the relevant issues are confirmed as resolved.