CVE-2009-4112
Published: 30 November 2009
Cacti 0.8.7e and earlier allows remote authenticated administrators to gain privileges by modifying the "Data Input Method" for the "Linux - Get Memory Usage" setting to contain arbitrary commands.
Notes
Author | Note |
---|---|
jdstrand | per Debian, not a security issue because the admin is expected to be able to define such Data Input Methods. |