15 matches found
Gentoo Security Advisory GLSA 201509-03
Gentoo Linux Local Security Checks GLSA 201509-03 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
GLSA-201509-03 : Cacti: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201509-03 Cacti: Multiple vulnerabilities Multiple vulnerabilities have been discovered in cacti. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code wit...
Debian DLA-40-1 : cacti security update
Multiple security issues cross-site scripting, missing input sanitizing and SQL injection have been discovered in Cacti, a web interface for graphing of monitoring systems. Furthermore, the fix for CVE-2014-4002 in the previous security update has been brought in-line with the upstream fix as it...
openSUSE Security Update : cacti (openSUSE-2015-221)
cacti was updated to version 0.8.8c boo920399 This update fixes four vulnerabilities and adds some compatible features. - Security fixes not previously patched : - CVE-2014-2326 - XSS issue via CDEF editing - CVE-2014-2327 - Cross-site request forgery CSRF vulnerability - CVE-2014-2328 - Remote...
cacti -- multiple security vulnerabilities
The Cacti Group, Inc. reports: Important Security Fixes CVE-2013-5588 - XSS issue via installer or device editing CVE-2013-5589 - SQL injection vulnerability in device editing CVE-2014-2326 - XSS issue via CDEF editing CVE-2014-2327 - Cross-site request forgery CSRF vulnerability CVE-2014-2328 -...
[SECURITY] [DSA 2970-1] cacti security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2970-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 29, 2014 http://www.debian.org/security/faq -...
DLA-40-1 cacti - security update
Bulletin has no description...
Updated cacti package fixes security vulnerabilities
Multiple security issues cross-site scripting, cross-site request forgery, SQL injections, missing input sanitising have been found in Cacti CVE-2014-2326, CVE-2014-2328, CVE-2014-2708, CVE-2014-2709, CVE-2014-4002...
Fedora Update for cacti FEDORA-2014-7849
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for cacti FEDORA-2014-7836
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 20 : cacti-0.8.8b-7.fc20 (2014-7836)
Patches for CVE-2014-4002 Cross-site scripting vulnerability Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Fedora 19 : cacti-0.8.8b-7.fc19 (2014-7849)
Patches for CVE-2014-4002 Cross-site scripting vulnerability Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
CVE-2014-4002
Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the 1 drpaction parameter to cdef.php, 2 datainput.php, 3 dataqueries.php, 4 datasources.php, 5 datatemplates.php, 6 graphtemplates.php, 7 graphs.php, 8 host.php, or...
CVE-2014-4002
Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the 1 drpaction parameter to cdef.php, 2 datainput.php, 3 dataqueries.php, 4 datasources.php, 5 datatemplates.php, 6 graphtemplates.php, 7 graphs.php, 8 host.php, or...
CVE-2014-4002
CVE-2014-4002 is a set of cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b that affect multiple PHP scripts and parameters, including drp_action in cdef.php and numerous others (data_input.php, data_queries.php, data_sources.php, data_templates.php, graph_templates.php, graphs.php, host...