Hello,
I have to present a vulnerability : CVE-2016-3172 (SQL Injection
/ tree.php) + CVE-2015-8604 (SQL Injection / graphs_new.php) in a university
defense
I installed cacti 0.8.8f on a virtual machine and i would replay the sql
injection.
Unfortunately I can not.
Could you help me ? How to replay this injection?
Thanks for your help
De : David Liedke [mailto:lie...@rz.uni-mannheim.de]
Envoyé : mercredi 15 mars 2017 08:10
À : STRABACH Jérôme DTSI/DERS
Objet : Re: Info CVE-2016-3172 (SQL Injection / tree.php) + CVE-2015-8604
(SQL Injection / graphs_new.php)
Hello,
Sorry - i dont know. I am only one of the package maintainers of the cacti
package in the openSUSE Repository.
Maybe you can ask on the "cacti-user" mailing list -->
http://cacti.net/mailing_lists.php
Good luck.
Regards,
David
Am 14.03.2017 um 19:01 schrieb jerome.strab...@orange.com:
Hello,
I am a student at the University of Lille, in France
I begin my studies in network security.
I have to present a vulnerability : CVE-2016-3172 (SQL Injection / tree.php)
+ CVE-2015-8604 (SQL Injection / graphs_new.php)
For CVE-2015-8604 :
http://www.cvedetails.com/cve-details.php?t=1
<http://www.cvedetails.com/cve-details.php?t=1&cve_id=CVE-2015-8604>
&cve_id=CVE-2015-8604
http://www.openwall.com/lists/oss-security/2016/03/10/13
CVE-2016-3172
https://www.cvedetails.com/cve-details.php?t=1
<https://www.cvedetails.com/cve-details.php?t=1&cve_id=CVE-2016-3172>
&cve_id=CVE-2016-3172
I installed cacti 0.8.8f on a virtual machine and i would replay the sql
injection.
Unfortunately I can not.
Could you help me ? How to replay this injection?
Thanks for your help
smime.p7s
Description: S/MIME cryptographic signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ cacti-user mailing list cacti-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/cacti-user
