logo
DATABASE RESOURCES PRICING ABOUT US

cacti - security update

Description

Multiple security issues (cross-site scripting, missing input sanitizing and SQL injection) have been discovered in Cacti, a web interface for graphing of monitoring systems. Furthermore, the fix for [CVE-2014-4002](https://security-tracker.debian.org/tracker/CVE-2014-4002) in the previous security update has been brought in-line with the upstream fix as it caused a regression for people using the plug-in system. For Debian 6 Squeeze, these issues have been fixed in cacti version 0.8.7g-1+squeeze5


Affected Software


CPE Name Name Version
cacti 0.8.7g-1
cacti 0.8.7g-1+squeeze1
cacti 0.8.7g-1+squeeze2
cacti 0.8.7g-1+squeeze3
cacti 0.8.7g-1+squeeze4

Related