Debian 9843 Published by

A cacti security update has been released for Debian 6.0 LTS



Package : cacti
Version : 0.8.7g-1+squeeze5
CVE ID : CVE-2014-5025 CVE-2014-5026 CVE-2014-5261 CVE-2014-5262
Debian Bug : 755032

Multiple security issues (cross-site scripting, missing input sanitizing
and SQL injection) have been discovered in Cacti, a web interface for
graphing of monitoring systems.

Furthermore, the fix for CVE-2014-4002 in the previous security update
has been brought in-line with the upstream fix as it caused a
regression for people using the plug-in system.