cacti 0.8.8b+dfsg-5ubuntu0.1 source package in Ubuntu
Changelog
cacti (0.8.8b+dfsg-5ubuntu0.1) trusty-security; urgency=medium * Security update (LP: #1210822): - CVE-2015-2665 Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. - CVE-2015-4342 SQL Injection and Location header injection from cdef id - CVE-2015-4454 SQL injection vulnerability in the get_hash_graph_template function in lib/functions.php in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via the graph_template_id parameter to graph_templates.php. - Unassigned CVE SQL injection VN:JVN#78187936 / TN:JPCERT#98968540 - CVE-2014-5261 Unsufficient input sanitation leads to shell command injection possibilities - CVE-2014-5262 Incomplete and incorrect input parsing leads to SQL injection attack scenarios - CVE-2014-5025 Cross Site Scripting Vulnerability - CVE-2014-5026 Cross Site Scripting Vulnerability - CVE-2014-5043 Cross Site Scripting Vulnerability - CVE-2014-2327 Cross Site Request Forgery Vulnerability - CVE-2014-4002 Cross-Site Scripting Vulnerability -- Paul Gevers <email address hidden> Sat, 27 Jun 2015 14:25:12 +0200
Upload details
- Uploaded by:
- Paul Gevers
- Sponsored by:
- Steve Beattie
- Uploaded to:
- Trusty
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- web
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
cacti_0.8.8b+dfsg.orig.tar.bz2 | 2.0 MiB | bc4b733055e66e1f75e67e697d97793c072ce82e31c5cfa21aab781cc470171b |
cacti_0.8.8b+dfsg-5ubuntu0.1.debian.tar.gz | 124.2 KiB | dee1c8a412281b81c23f46089f118d2fb91e0125711a996479b693cba12b561d |
cacti_0.8.8b+dfsg-5ubuntu0.1.dsc | 2.0 KiB | 48b5e60a0d3a4d6d6d6448e94cd7a57e16c55b20ea58d197d10872053398a06f |
Available diffs
Binary packages built by this source
- cacti: web interface for graphing of monitoring systems
Cacti is a complete PHP-driven front-end for RRDTool. It stores all of
the necessary data source information to create graphs, handles the data
gathering, and populates the MySQL database with round-robin archives.
It also includes SNMP support for those used to creating traffic graphs
with MRTG.
.
This package requires a functional MySQL database server on either the
installation host or a remotely accessible system.