13 matches found
EUVD-2016-1701
Malware in sbrugna...
Debian: Security Advisory (DLA-560-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2016-10700
CVE-2016-10700 affects Cacti prior to 1.0.0, where auth_login.php lets remote authenticated users bypass access restrictions by logging in as a non-existent user (guest not counted), tied to an incomplete fix for CVE-2016-2313. Public sources in connected documents confirm the vulnerability and n...
GLSA-201711-10 : Cacti: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201711-10 Cacti: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Cacti. Please review the CVE identifiers referenced below for details. Impact : Remote attackers could execute arbitrary code or bypass...
[SECURITY] [DLA 560-2] cacti regression update
Package : cacti Version : 0.8.8a+dfsg-5+deb7u10 The fix for CVE-2016-2313 did not take into account guest users. This update fixes it. For Debian 7 "Wheezy", these problems have been fixed in version 0.8.8a+dfsg-5+deb7u10. We recommend that you upgrade your cacti packages. Further information abo...
DLA-560-2 cacti - regression update
Bulletin has no description...
DLA-560-1 cacti - security update
Bulletin has no description...
Debian DLA-560-2 : cacti regression update
Three security issues have been found in cacti : CVE-2016-2313 authlogin.php allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database. CVE-2016-3172 A SQL injection vulnerability in tree.php allows remote...
[SECURITY] [DLA 560-1] cacti security update
Package : cacti Version : 0.8.8a+dfsg-5+deb7u9 CVE ID : CVE-2016-2313 CVE-2016-3172 CVE-2016-3659 Three security issues have been found in cacti: CVE-2016-2313 authlogin.php allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user...
CVE-2016-2313
authlogin.php in Cacti before 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database...
CVE-2016-2313
authlogin.php in Cacti before 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in as a user not in the cacti database...
CVE-2016-2313
CVE-2016-2313 affects Cacti: auth_login.php in Cacti prior to 0.8.8g (and later 1.0.0 in some advisories) allows remote authenticated users who use web authentication to bypass access restrictions by logging in as a user not present in the Cacti database, due to the guest user not being considere...
Updated cacti packages fix CVE-2016-2313
Updated cacti package fixes security vulnerability: Authentication using web authentication as a user not in the cacti database allows complete access CVE-2016-2313...