Secunia Security Advisory - Debian has issued an update for cacti. This fixes two security issues and some vulnerabilities, which can be exploited by malicious people to disclose system information, conduct cross-site scripting attacks, execute arbitrary SQL code, and potentially compromise a vulnerable system.
df120b990c6687f55f5dab58ee75d685c8877d1e579b8cd9a493fcc76bbf9ccf
TITLE:
Debian update for cacti
SECUNIA ADVISORY ID:
SA19590
VERIFY ADVISORY:
http://secunia.com/advisories/19590/
CRITICAL:
Moderately critical
IMPACT:
System access, Exposure of system information, Manipulation of data,
Cross Site Scripting, Security Bypass
WHERE:
>From remote
OPERATING SYSTEM:
Debian GNU/Linux 3.1
http://secunia.com/product/5307/
Debian GNU/Linux unstable alias sid
http://secunia.com/product/530/
DESCRIPTION:
Debian has issued an update for cacti. This fixes two security issues
and some vulnerabilities, which can be exploited by malicious people
to disclose system information, conduct cross-site scripting attacks,
execute arbitrary SQL code, and potentially compromise a vulnerable
system.
For more information:
SA17418
SA18575
SA18928
SOLUTION:
Apply updated packages.
-- Debian GNU/Linux 3.1 alias sarge --
Source archives:
http://security.debian.org/pool/updates/main/c/cacti/cacti_0.8.6c-7sarge3.dsc
Size/MD5 checksum: 597 9ad5bc63bba985893a14044dd5b37592
http://security.debian.org/pool/updates/main/c/cacti/cacti_0.8.6c-7sarge3.diff.gz
Size/MD5 checksum: 43881 b9c59a54f46b820480f4ee4fb7402074
http://security.debian.org/pool/updates/main/c/cacti/cacti_0.8.6c.orig.tar.gz
Size/MD5 checksum: 1046586 b4130300f671e773ebea3b8f715912c1
Architecture independent components:
http://security.debian.org/pool/updates/main/c/cacti/cacti_0.8.6c-7sarge3_all.deb
Size/MD5 checksum: 1058818 afe7c7131aacf8eaaaee0a3c39933834
-- Debian GNU/Linux unstable alias sid --
The vulnerabilities will reportedly be fixed soon.
ORIGINAL ADVISORY:
http://www.us.debian.org/security/2006/dsa-1031
OTHER REFERENCES:
SA17418
http://secunia.com/advisories/17418/
SA18575
http://secunia.com/advisories/18575/
SA18928:
http://secunia.com/advisories/18928/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed