17 matches found
Gentoo Security Advisory GLSA 201509-03
Gentoo Linux Local Security Checks GLSA 201509-03 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
GLSA-201509-03 : Cacti: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201509-03 Cacti: Multiple vulnerabilities Multiple vulnerabilities have been discovered in cacti. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code wit...
openSUSE Security Update : cacti (openSUSE-2015-221)
cacti was updated to version 0.8.8c boo920399 This update fixes four vulnerabilities and adds some compatible features. - Security fixes not previously patched : - CVE-2014-2326 - XSS issue via CDEF editing - CVE-2014-2327 - Cross-site request forgery CSRF vulnerability - CVE-2014-2328 - Remote...
cacti -- multiple security vulnerabilities
The Cacti Group, Inc. reports: Important Security Fixes CVE-2013-5588 - XSS issue via installer or device editing CVE-2013-5589 - SQL injection vulnerability in device editing CVE-2014-2326 - XSS issue via CDEF editing CVE-2014-2327 - Cross-site request forgery CSRF vulnerability CVE-2014-2328 -...
[SECURITY] [DSA 2970-1] cacti security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2970-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 29, 2014 http://www.debian.org/security/faq -...
Updated cacti package fixes security vulnerabilities
Multiple security issues cross-site scripting, cross-site request forgery, SQL injections, missing input sanitising have been found in Cacti CVE-2014-2326, CVE-2014-2328, CVE-2014-2708, CVE-2014-2709, CVE-2014-4002...
cacti security update
Package : cacti Version : 0.8.7g-1+squeeze4 CVE ID : CVE-2014-2326 CVE-2014-2327 CVE-2014-2328 CVE-2014-2708 CVE-2014-2709 CVE-2014-4002 Debian Bug : 742768 743565 752573 Multiple security issues cross-site scripting, cross-site request forgery, SQL injections, missing input sanitising have been...
Fedora Update for cacti FEDORA-2014-7849
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for cacti FEDORA-2014-7836
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for cacti FEDORA-2014-4928
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for cacti FEDORA-2014-4892
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 20 : cacti-0.8.8b-5.fc20 (2014-4892)
Patches for four CVEs. This update fixes SQL injection, shell escaping issues, a stored XSS attack, and use of exec-like function calls without safety checks allowing arbitrary command execution. Note that Tenable Network Security has extracted the preceding description block directly from the...
CVE-2014-2326
Cross-site scripting XSS vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-2326
Cross-site scripting XSS vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-2326
Cross-site scripting XSS vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-2326
CVE-2014-2326 is an XSS vulnerability in Cacti, affecting 0.8.7g, 0.8.8b and earlier, via cdef.php (CDEF editing). Exploitation could inject arbitrary script in web context. Remediation per connected docs: upgrade to the patched release (e.g., Cacti 0.8.8d or later; vendors list updates such as 0...
CVE-2014-2326
Cross-site scripting XSS vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...