CVE-2008-0786

N/A Unknown

Published: February 14, 2008 Modified: April 23, 2026

Description

CRLF injection vulnerability in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k, when running on older PHP interpreters, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html

Source: cve@mitre.org

http://secunia.com/advisories/28872

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/28976

Source: cve@mitre.org

http://secunia.com/advisories/29242

Source: cve@mitre.org

http://secunia.com/advisories/29274

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200803-18.xml

Source: cve@mitre.org

http://securityreason.com/securityalert/3657

Source: cve@mitre.org

http://www.cacti.net/release_notes_0_8_7b.php

Source: cve@mitre.org

Patch

http://www.mandriva.com/security/advisories?name=MDVSA-2008:052

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/488013/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/488018/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/27749

Source: cve@mitre.org

Patch

http://www.securitytracker.com/id?1019414

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/0540

Source: cve@mitre.org

https://bugzilla.redhat.com/show_bug.cgi?id=432758

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00570.html

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00593.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html