CVE-2002-1479

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2002-1479

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2002-1479.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2002-1479

Downstream

DEBIAN-CVE-2002-1479

Published

2003-04-22T04:00:00Z

Modified

2025-08-09T19:01:29Z

Summary

[none]

Details

Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges.

References

http://archives.neohapsis.com/archives/bugtraq/2002-09/0028.html
http://www.iss.net/security_center/static/10049.php
http://www.knights-of-the-routing-table.org/advisories/krt_001_20020903_cacti.txt
http://www.securityfocus.com/bid/5628

CVE-2002-1479

Affected packages