NVD

Id
757  
Name
CVE-2008-0786  
Description
CRLF injection vulnerability in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k, when running on older PHP interpreters, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-03  
Published
2008-02-14  
Modified Date
2011-03-07  
Seq
2008-0786  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
4786 757 CVE-2008-0786 SUSE-SR:2008:005  View
4787 757 CVE-2008-0786 GLSA-200803-18  View
4788 757 CVE-2008-0786 3657  View
4789 757 CVE-2008-0786 http://www.cacti.net/release_notes_0_8_7b.php  View
4790 757 CVE-2008-0786 MDVSA-2008:052  View
4791 757 CVE-2008-0786 20080212 cacti -- Multiple security vulnerabilities have been discovered  View
4792 757 CVE-2008-0786 20080212 Cacti 0.8.7a Multiple Vulnerabilities  View
4793 757 CVE-2008-0786 27749  View
4794 757 CVE-2008-0786 1019414  View
4795 757 CVE-2008-0786 ADV-2008-0540  View
4796 757 CVE-2008-0786 https://bugzilla.redhat.com/show_bug.cgi?id=432758  View
4797 757 CVE-2008-0786 FEDORA-2008-1699  View
4798 757 CVE-2008-0786 FEDORA-2008-1737  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
47420 JVNDB-2008-002730 Cacti における HTTP レスポンス分割攻撃を実行される脆弱性 Cacti には、古い PHP インタプリタ上で稼動する際、CRLF インジェクションが発生するため、任意の HTTP ヘッダを挿入され、HTTP レスポンス分割攻撃を実行される脆弱性が存在します。 CVE-2008-0786 30899 CVE-2008-0786 757 4.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002730.html 2008-02-14 2012-06-26 View