copy_cacti_user.php is also vulnerable...
http://retrogod.altervista.org/cacti_086i_adm.html
and through script_server.php it is possible to start an unlimited number of php processes to have a D.o.S.
Search found 2 matches
- Sat Dec 30, 2006 5:30 pm
- Forum: Help: General
- Topic: [Cacti <= 0.8.6i] Remote Injection Exploit
- Replies: 57
- Views: 101272
- Thu Dec 28, 2006 1:39 pm
- Forum: Help: General
- Topic: [Cacti <= 0.8.6i] Remote Injection Exploit
- Replies: 57
- Views: 101272
The exploit condition is register_argc_argv = on, not register_globals = on, like you wrote in mantis. Request method check works fine. Ah, I see the wrong check in various scripts, so... other attacks may be possible, so if you have that directive on, grep for that. This .htaccess line should work tem...