Archive for June, 2007

As reported by the ISC, some people are using images to hide PHP code : if an image, contains PHP code, for example in the comment section, it may be included as an usual PHP file, and the PHP code will be happily executed. It may be a great way to hide malicious code in [...]

June 19, 2007, 4:19 pm lock

It is possible to an authenticated user in Cacti to modify the graph_start and graph_end parameters values in the URL, and specify higher numbers than expected in order to make cacti use all the server CPU.
For example, if an user modify a graph URL as seen is the location bar:
to this one:
rrdtool will take [...]

June 2, 2007, 12:17 pm lock