7 matches found
Updated cacti package fixes multiple security vulnerabilities
Updated cacti package fixes security vulnerabilities: Multiple security issues cross-site scripting, missing input sanitising and SQL injection have been discovered in Cacti, a web interface for graphing of monitoring systems CVE-2014-5025, CVE-2014-5026, CVE-2014-5261, CVE-2014-5262...
[DLA 40-1] cacti security update
Package : cacti Version : 0.8.7g-1+squeeze5 CVE ID : CVE-2014-5025 CVE-2014-5026 CVE-2014-5261 CVE-2014-5262 Debian Bug : 755032 Multiple security issues cross-site scripting, missing input sanitizing and SQL injection have been discovered in Cacti, a web interface for graphing of monitoring...
CVE-2014-5261
The graph settings script graphsettings.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php...
CVE-2014-5261
The graph settings script graphsettings.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php...
CVE-2014-5261
CVE-2014-5261 affects Cacti (web GUI) up to version 0.8.8b and earlier, where graph_settings.php allows remote command execution via shell metacharacters in a font size parameter, linked to rrdtool usage in lib/rrd.php. This can enable remote code execution with network attack vector and no authe...
Debian DSA-3007-1 : cacti - security update
Multiple security issues cross-site scripting, missing input sanitising and SQL injection have been discovered in Cacti, a web interface for graphing of monitoring systems. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
[SECURITY] [DSA 3007-1] cacti security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3007-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 20, 2014 http://www.debian.org/security/faq -...