CVE-2008-0786
Cacti 0.8.6-0.8.7 - HTTP Response Splitting via CRLF Injection
Title source: llmDescription
CRLF injection vulnerability in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k, when running on older PHP interpreters, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
References (17)
Core 17
Core References
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29242
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=432758
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/3657
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200803-18.xml
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28872
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2008:052
Patch x_refsource_confirm
http://www.cacti.net/release_notes_0_8_7b.php
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29274
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/488013/100/0/threaded
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0540
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/27749
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28976
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1019414
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/488018/100/0/threaded
Scores
EPSS
0.0177
EPSS Percentile
75.5%
Details
CWE
CWE-94
Status
published
Products (16)
cacti/cacti
0.6.7
cacti/cacti
0.8
cacti/cacti
0.8.1
cacti/cacti
0.8.2
cacti/cacti
0.8.2a
cacti/cacti
0.8.3
cacti/cacti
0.8.3a
cacti/cacti
0.8.4
cacti/cacti
0.8.5
cacti/cacti
0.8.5a
... and 6 more
Published
Feb 14, 2008
Tracked Since
Feb 18, 2026