Cacti Security Update for Debian 6 LTS

Debian 9896 Published by

A cacti security update has been released for Debian 6 LTS



Package : cacti
Version : 0.8.7g-1+squeeze6
CVE ID : CVE-2015-2665 CVE-2015-4342 CVE-2015-4454

Several vulnerabilities (cross-site scripting and SQL injection) have
been discovered in Cacti, a web interface for graphing of monitoring
systems.

We recommend that you upgrade your cacti packages.

CVE-2015-2665

Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d
allows remote attackers to inject arbitrary web script or HTML via
unspecified vectors.

CVE-2015-4342

SQL Injection and Location header injection from cdef id

CVE-2015-4454

SQL injection vulnerability in the get_hash_graph_template function
in lib/functions.php in Cacti before 0.8.8d allows remote attackers
to execute arbitrary SQL commands via the graph_template_id
parameter to graph_templates.php

Unassigned CVE SQL injection VN:JVN#78187936 / TN:JPCERT#98968540

SQL injection vulnerability in the settings page

5 things you should know about Windows as a Service and more

Batman Arkham Knight Gaming Performance Benchmarked and more

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...