logo
DATABASE RESOURCES PRICING ABOUT US

[DLA 40-1] cacti security update

Description

Package : cacti Version : 0.8.7g-1+squeeze5 CVE ID : CVE-2014-5025 CVE-2014-5026 CVE-2014-5261 CVE-2014-5262 Debian Bug : 755032 Multiple security issues (cross-site scripting, missing input sanitizing and SQL injection) have been discovered in Cacti, a web interface for graphing of monitoring systems. Furthermore, the fix for CVE-2014-4002 in the previous security update has been brought in-line with the upstream fix as it caused a regression for people using the plug-in system.


Affected Package


OS OS Version Package Name Package Version
Debian 6 cacti 0.8.7g-1+squeeze5
Debian 7 cacti 0.8.8a+dfsg-5+deb7u3
Debian 6 cacti 0.8.7g-1+squeeze4
Debian 7 cacti 0.8.8a+dfsg-5+deb7u4

Related