Oval Definition:	oval:org.opensuse.security:def:20066799
Revision Date: 2022-06-30 Version: 1 Title: CVE-2006-6799 Description: SQL injection vulnerability in Cacti 0.8.6i and earlier, when register_argc_argv is enabled, allows remote attackers to execute arbitrary SQL commands via the (1) second or (2) third arguments to cmd.php. NOTE: this issue can be leveraged to execute arbitrary commands since the SQL query results are later used in the polling_items array and popen function. Family: unix Class: vulnerability Status: Reference(s): CVE-2006-6799 Mitre CVE-2006-6799 SUSE CVE-2006-6799 SUSE-SA:2007:007 SUSE-SA:2007:007 Platform(s): openSUSE 10.2 openSUSE Tumbleweed SUSE LINUX 10.0 SUSE LINUX 10.1 SUSE LINUX 9.3 SUSE Linux Enterprise High Performance Computing 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Package Hub for SUSE Linux Enterprise 12 Product(s): Definition Synopsis Release Information suse100 is installed AND cacti less than 0.8.6f-2.2 OR Package Information suse101 is installed AND cacti less than 0.8.6h-15.2 OR Package Information suse93 is installed AND cacti less than 0.8.6e-2.5 Definition Synopsis SUSE Package Hub for SUSE Linux Enterprise 12 is installed AND Package Information cacti-1.1.38-2 is installed OR cacti-doc-1.1.38-2 is installed Definition Synopsis openSUSE Tumbleweed is installed AND cacti-1.2.18-1.2 is installed Definition Synopsis SUSE Package Hub for SUSE Linux Enterprise 12 is installed AND Package Information cacti-1.1.38-2.1 is installed OR cacti-doc-1.1.38-2.1 is installed
BACK