PT-2026-52142

Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.31 Description Command Injection occurs due to insufficient sanitization in the escape command function located at lib/rrd.php, which acts as a no-op by returning the $command unchanged. The command line constructed...

Linux Distros Unpatched Vulnerability : CVE-2014-6262

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple format string vulnerabilities in the python module in RRDtool, as used in Zenoss Core before 4.2.5 and other products, allow remote attackers to execut...

SUSE CVE-2013-2131

Format string vulnerability in the rrdtool module 1.4.7 for Python, as used in Zenoss, allows context-dependent attackers to cause a denial of service crash via format string specifiers to the rrdtool.graph function...

UBUNTU-CVE-2014-6262

Multiple format string vulnerabilities in the python module in RRDtool, as used in Zenoss Core before 4.2.5 and other products, allow remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted third argument to the rrdtool.graph function, aka ZEN-15415...

DEBIAN-CVE-2013-2131

Format string vulnerability in the rrdtool module 1.4.7 for Python, as used in Zenoss, allows context-dependent attackers to cause a denial of service crash via format string specifiers to the rrdtool.graph function...

Fedora 7 : cacti-0.8.7b-1.fc7 (2008-1737)

XSS vulnerabilities Path disclosure vulnerabilities SQL injection vulnerabilities HTTP response splitting vulnerabilities bug0000855: Unnecessary and faulty DEF generation for CF:AVERAGE bug0001083: Small visual fix for Cacti in 'View Cacti Log File' bug0001089: Graph xport modification to...