Lucene search
K

7 matches found

Mageia
Mageia
added 2014/10/09 2:6 p.m.39 views

Updated cacti package fixes multiple security vulnerabilities

Updated cacti package fixes security vulnerabilities: Multiple security issues cross-site scripting, missing input sanitising and SQL injection have been discovered in Cacti, a web interface for graphing of monitoring systems CVE-2014-5025, CVE-2014-5026, CVE-2014-5261, CVE-2014-5262...

7.5CVSS9.1AI score0.10773EPSS
Exploits3References2
Debian
Debian
added 2014/08/22 5:44 p.m.32 views

[DLA 40-1] cacti security update

Package : cacti Version : 0.8.7g-1+squeeze5 CVE ID : CVE-2014-5025 CVE-2014-5026 CVE-2014-5261 CVE-2014-5262 Debian Bug : 755032 Multiple security issues cross-site scripting, missing input sanitizing and SQL injection have been discovered in Cacti, a web interface for graphing of monitoring...

7.5CVSS9.2AI score0.10773EPSS
Exploits3
NVD
NVD
added 2014/08/22 2:55 p.m.19 views

CVE-2014-5261

The graph settings script graphsettings.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php...

7.5CVSS9AI score0.10773EPSS
Exploits1References8
OSV
OSV
added 2014/08/22 2:55 p.m.9 views

CVE-2014-5261

The graph settings script graphsettings.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php...

7.3AI score
Exploits0References8
CVE
CVE
added 2014/08/22 2:0 p.m.78 views

CVE-2014-5261

CVE-2014-5261 affects Cacti (web GUI) up to version 0.8.8b and earlier, where graph_settings.php allows remote command execution via shell metacharacters in a font size parameter, linked to rrdtool usage in lib/rrd.php. This can enable remote code execution with network attack vector and no authe...

7.5CVSS8.8AI score0.10773EPSS
Exploits1References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/08/21 12:0 a.m.30 views

Debian DSA-3007-1 : cacti - security update

Multiple security issues cross-site scripting, missing input sanitising and SQL injection have been discovered in Cacti, a web interface for graphing of monitoring systems. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

7.5CVSS8AI score0.10773EPSS
Exploits3References6
Debian
Debian
added 2014/08/20 9:59 a.m.24 views

[SECURITY] [DSA 3007-1] cacti security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3007-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 20, 2014 http://www.debian.org/security/faq -...

7.5CVSS6.8AI score0.10773EPSS
Exploits3
Rows per page
Query Builder