Cacti CMD.PHP Remote Command Execution Vulnerability

Bugtraq ID:	21799
Class:	Input Validation Error
CVE:	CVE-2006-6799
Remote:	Yes
Local:	No
Published:	Dec 28 2006 12:00AM
Updated:	Jan 30 2007 11:18PM
Credit:	rgod is credited with the discovery of this vulnerability.
Vulnerable:	S.u.S.E. openSUSE 10.2 S.u.S.E. Linux Professional 10.0 OSS S.u.S.E. Linux Professional 10.0 S.u.S.E. Linux Professional 9.3 x86_64 S.u.S.E. Linux Professional 9.3 S.u.S.E. Linux Personal 10.0 OSS S.u.S.E. Linux Personal 9.3 x86_64 S.u.S.E. Linux Personal 9.3 S.u.S.E. Linux Personal 10.1 Planet Technology WSW-2401 0.8.6 h OpenPKG OpenPKG Stable OpenPKG OpenPKG E1.0-Solid OpenPKG OpenPKG Current OpenPKG OpenPKG 2-Stable-20061018 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 4.0 Gentoo Linux Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Linux 3.1 ia-32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1 Cacti Cacti 0.8.6 f Cacti Cacti 0.8.6i

Not Vulnerable:	Cacti Cacti 0.8.6j