Vulnerabilities > CVE-2012-3448 - Unspecified vulnerability in Ganglia Ganglia-Web

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

nessus

exploit available

NVD

Published: 2012-08-06

Updated: 2024-11-21

Summary

Unspecified vulnerability in Ganglia Web before 3.5.1 allows remote attackers to execute arbitrary PHP code via unknown attack vectors.

Part	Description	Count
Application	Ganglia Ganglia Ganglia WEB 2.1.3 Ganglia Ganglia WEB 2.1.5 Ganglia Ganglia WEB 3.3.1 Ganglia Ganglia WEB 3.3.0 Ganglia Ganglia WEB 3.4.1 Ganglia Ganglia WEB 2.1.7 Ganglia Ganglia WEB 2.1.2 Ganglia Ganglia WEB 2.1.0 Ganglia Ganglia WEB 2.1.6 Ganglia Ganglia WEB 3.4.2 Ganglia Ganglia WEB 2.2.0 Ganglia Ganglia WEB 2.1.1 Ganglia Ganglia WEB 2.1.8 Ganglia Ganglia WEB 3.5.0	14

description	Ganglia Web Frontend < 3.5.1 - PHP Code Execution. CVE-2012-3448. Webapps exploit for php platform
file	exploits/php/webapps/38030.php
id	EDB-ID:38030
last seen	2016-02-04
modified	2015-08-31
platform	php
port
published	2015-08-31
reporter	Andrei Costin
source	https://www.exploit-db.com/download/38030/
title	Ganglia Web Frontend < 3.5.1 - PHP Code Execution
type	webapps

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-2610.NASL
description	Insufficient input sanitization in Ganglia, a web-based monitoring system, could lead to remote PHP script execution with permissions of the user running the web server.
last seen	2020-03-17
modified	2013-01-22
plugin id	63640
published	2013-01-22
reporter	This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/63640
title	Debian DSA-2610-1 : ganglia - arbitrary script execution

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-201412-10.NASL
description	The remote host is affected by the vulnerability described in GLSA-201412-10 (Multiple packages, Multiple vulnerabilities fixed in 2012) Vulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details. EGroupware VTE Layer Four Traceroute (LFT) Suhosin Slock Ganglia Jabber to GaduGadu Gateway Impact : A context-dependent attacker may be able to gain escalated privileges, execute arbitrary code, cause Denial of Service, obtain sensitive information, or otherwise bypass security restrictions. Workaround : There is no known workaround at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	79963
published	2014-12-15
reporter	This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/79963
title	GLSA-201412-10 : Multiple packages, Multiple vulnerabilities fixed in 2012

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2012-10699.NASL
description	Fix for arbitrary PHP file execution Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-03-17
modified	2012-07-26
plugin id	60122
published	2012-07-26
reporter	This script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/60122
title	Fedora 17 : ganglia-3.1.7-6.fc17 (2012-10699)

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2012-10727.NASL
description	Fix for arbitrary PHP file execution Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-03-17
modified	2012-07-26
plugin id	60123
published	2012-07-26
reporter	This script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/60123
title	Fedora 16 : ganglia-3.1.7-5.fc16 (2012-10727)

data source	https://packetstormsecurity.com/files/download/133379/ganglia-exec.txt
id	PACKETSTORM:133379
last seen	2016-12-05
published	2015-08-31
reporter	Andrei Costin
source	https://packetstormsecurity.com/files/133379/Ganglia-Web-Frontend-PHP-Code-Execution.html
title	Ganglia Web Frontend PHP Code Execution

bulletinFamily	exploit
description	<p>1. Assuming that ganglia is installed on the target machine at this path:</p><p>/var/www/html/ganglia/</p><p> </p><p>2. Assuming the attacker has minimal access to the target machine and </p><p>can write to "/tmp". There are several methods where a remote attacker can </p><p>also trigger daemons or other system processes to create files in "/tmp" </p><p>whose content is (partially) controlled by the remote attacker. </p><p> </p><p>3. The attacker puts the contents of this PoC file into the file:</p><p>/tmp/attack.php</p><p> </p><p>4. The attacker visits the Ganglia Web Frontend interface with version < 3.5.1 </p><p>as:</p><p><a href="http://targetIP/ganglia/graph.php?g=../../../../tmp/attack&metric=DUMMY&title=DUMMY" rel="nofollow">http://targetIP/ganglia/graph.php?g=../../../../tmp/attack&metric=DUMMY&title=DUMMY</a></p><p> </p><p>5. Confirm that the PoC created a dummy file in the /tmp folder and copied </p><p>/etc/passwd to /tmp.</p>
id	SSV:89282
last seen	2017-11-19
modified	2015-09-01
published	2015-09-01
reporter	00r00
source	https://www.seebug.org/vuldb/ssvid-89282
title	Ganglia Web Frontend < 3.5.1 - PHP Code Execution