ID
VAR-200205-0029
CVE
CVE-2002-0232
TITLE
MRTG CGI Remotely read arbitrary file vulnerabilities
Trust: 0.6
DESCRIPTION
Directory traversal vulnerability in Multi Router Traffic Grapher (MRTG) allows remote attackers to read portions of arbitrary files via a .. (dot dot) in the cfg parameter for (1) 14all.cgi, (2) 14all-1.1.cgi, (3) traffic.cgi, or (4) mrtg.cgi. This can be accomplished by specifying a relative path and file name in a query string passed to the scripts via a properly constructed URL. The scripts reported to be vulnerable include mrtg.cgi, traffic.cgi, 14all-1.1.cgi, and 14all.cgi. An example URL is: http://somehost/mrtg.cgi?cfg=../../../../../../../../etc/passwd. All affected scripts are reportedly exploited with the same query string. (ie, the "cfg=" variable). Multi Router Traffic Grapher is a software that monitors traffic on network nodes. MRTG generates HTML pages containing GIF animations to represent a graphic representation of network traffic at that time. There is an input verification error in the implementation of the MRTG CGI program, and a remote attacker can use this vulnerability to browse any file that has permission to read on the host. The problem is that some CGI scripts of MRTG do not fully filter the user input. A remote attacker can traverse the directory on the host by inserting \"../\" into the input, and read any web process that has permission to read. document. The script programs affected by this vulnerability are mrtg.cgi, traffic.cgi, 14all-1.1.cgi and 14all.cgi, all of them use \"cfg\" variable, for example http://somehost/mrtg.cgi?cfg= ../../../../../../../../etc/passwd
Trust: 1.26
AFFECTED PRODUCTS
| vendor: | mrtg | model: | multi router traffic grapher cgi | scope: | eq | version: | 2.9.17 | Trust: 1.6 |
| vendor: | mrtg | model: | multi router traffic grapher cgi -win32 | scope: | eq | version: | 2.9.17 | Trust: 0.3 |
| vendor: | mrtg | model: | multi router traffic grapher cgi -unix | scope: | eq | version: | 2.9.17 | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | NVD-CWE-Other | Trust: 1.0 |
THREAT TYPE
remote
Trust: 0.6
TYPE
input validation
Trust: 0.6
EXTERNAL IDS
| db: | BID | id: | 4017 | Trust: 2.0 |
| db: | NVD | id: | CVE-2002-0232 | Trust: 2.0 |
| db: | CNNVD | id: | CNNVD-200205-109 | Trust: 0.7 |
| db: | BUGTRAQ | id: | 20020202 NEW ADVISORY | Trust: 0.6 |
| db: | XF | id: | 8062 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-4625 | Trust: 0.1 |
REFERENCES
| url: | http://www.securityfocus.com/bid/4017 | Trust: 1.7 |
| url: | http://www.iss.net/security_center/static/8062.php | Trust: 1.7 |
| url: | http://marc.info/?l=bugtraq&m=101266821909189&w=2 | Trust: 1.0 |
| url: | http://marc.theaimsgroup.com/?l=bugtraq&m=101266821909189&w=2 | Trust: 0.6 |
| url: | http://www.mrtg.org | Trust: 0.3 |
| url: | http://marc.info/?l=bugtraq&m=101266821909189&w=2 | Trust: 0.1 |
CREDITS
UkR-XblP※ cuctema@ok.ru
Trust: 0.6
SOURCES
| db: | VULHUB | id: | VHN-4625 |
| db: | BID | id: | 4017 |
| db: | CNNVD | id: | CNNVD-200205-109 |
| db: | NVD | id: | CVE-2002-0232 |
LAST UPDATE DATE
2025-04-03T22:30:56.134000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-4625 | date: | 2016-10-18T00:00:00 |
| db: | BID | id: | 4017 | date: | 2009-07-11T09:56:00 |
| db: | CNNVD | id: | CNNVD-200205-109 | date: | 2005-10-20T00:00:00 |
| db: | NVD | id: | CVE-2002-0232 | date: | 2025-04-03T01:03:51.193 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-4625 | date: | 2002-05-29T00:00:00 |
| db: | BID | id: | 4017 | date: | 2002-02-02T00:00:00 |
| db: | CNNVD | id: | CNNVD-200205-109 | date: | 2002-02-04T00:00:00 |
| db: | NVD | id: | CVE-2002-0232 | date: | 2002-05-29T04:00:00 |