Lucene search
SuseSUSE-SA:2007:007HistoryJan 12, 2007 - 4:16 p.m.
remote code execution in cacti
2007-01-1216:16:25
lists.opensuse.org
14
0.018 Low
EPSS
Percentile
88.3%
A command injection in cmd.php in cacti was fixed, which might have allowed remote attackers to inject commands and so execute code.
Solution
Please update to the fixed packages.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE | 9.3 | noarch | cacti | < 0.8.6e-2.5 | cacti-0.8.6e-2.5.noarch.rpm |
| openSUSE | 10.0 | noarch | cacti | < 0.8.6f-2.2 | cacti-0.8.6f-2.2.noarch.rpm |
| openSUSE | 10.2 | noarch | cacti | < 0.8.6h-36.2 | cacti-0.8.6h-36.2.noarch.rpm |
| openSUSE | 10.1 | noarch | cacti | < 0.8.6h-15.2 | cacti-0.8.6h-15.2.noarch.rpm |
Related
nessus
nessus
Debian DSA-1250-1 : cacti - missing input sanitising
2007-01-26 00:00:00
GLSA-200701-23 : Cacti: Command execution and SQL injection
2007-02-09 00:00:00
SUSE-SA:2007:007: cacti
2007-02-18 00:00:00
openvas
openvas
Debian Security Advisory DSA 1250-1 (cacti)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200701-23 (cacti)
2008-09-24 00:00:00
FreeBSD Ports: cacti
2008-09-04 00:00:00
osv
osv
cacti
2007-01-17 00:00:00
gentoo
gentoo
Cacti: Command execution and SQL injection
2007-01-26 00:00:00
cvelist
cvelist
CVE-2006-6799
2006-12-28 21:00:00
debian
debian
[SECURITY] [DSA 1250-1] New cacti packages fix arbitrary code execution
2007-01-17 18:24:39
nvd
nvd
CVE-2006-6799
2006-12-28 21:28:00
debiancve
debiancve
CVE-2006-6799
2006-12-28 21:28:00
cve
cve
CVE-2006-6799
2006-12-28 21:28:00
ubuntucve
ubuntucve
CVE-2006-6799
2006-12-28 00:00:00
securityvulns
securityvulns