9 matches found
CVE-2017-16660
Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remoteagent.php request containing PHP code in a Client-ip header...
Fedora 27 : cacti (2017-cf75844225)
Update to 1.1.28 - CVE-2017-16641, CVE-2017-16660, CVE-2017-16661, CVE-2017-16785 Release notes: https://www.cacti.net/releasenotes.php?version=1.1.28 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...
[ASA-201712-2] cacti: multiple issues
Arch Linux Security Advisory ASA-201712-2 ========================================= Severity: High Date : 2017-12-02 CVE-ID : CVE-2017-16641 CVE-2017-16660 CVE-2017-16661 CVE-2017-16785 Package : cacti Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-537 Summary =====...
Fedora 25 : cacti (2017-d008ecf87a)
Update to 1.1.28 - CVE-2017-16641, CVE-2017-16660, CVE-2017-16661, CVE-2017-16785 Release notes: https://www.cacti.net/releasenotes.php?version=1.1.28 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...
Fedora Update for cacti FEDORA-2017-cf75844225
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for cacti (openSUSE-SU-2017:3051-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
FreeBSD : cacti -- multiple vulnerabilities (db570002-ce06-11e7-804e-c85b763a2f96)
cacti reports : Changelog issue1057: CVE-2017-16641 - Potential vulnerability in RRDtool functions issue1066: CVE-2017-16660 in remoteagent.php logging function issue1066: CVE-2017-16661 in view log file issue1071: CVE-2017-16785 in globalsession.php Reflection XSS %NASLMINLEVEL 70300 C Tenable...
CVE-2017-16660
Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remoteagent.php request containing PHP code in a Client-ip header...
CVE-2017-16660
CVE-2017-16660 affects Cacti 1.1.27, where remote authenticated administrators can trigger Remote Code Execution by placing the Log Path under the web root and issuing a remote_agent.php request containing PHP code in the Client-ip header. This vulnerability is documented as an arbitrary-code-exe...