Vulnerabilities > CVE-2004-1736 - Unspecified vulnerability in the Cacti Group Cacti 0.8.5A
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to (1) auth.php, (2) auth_login.php, (3) auth_changepassword.php, and possibly other php files, which reveal the installation path in a PHP error message.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025376.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025376.html
- http://marc.info/?l=bugtraq&m=109272483621038&w=2
- http://marc.info/?l=bugtraq&m=109272483621038&w=2
- http://secunia.com/advisories/12308
- http://secunia.com/advisories/12308
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17014
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17014