SQL Injection
Reply-To:
X-Reportbug-Version: 3.31
X-Operating-System: Linux darkside 2.6.19-beyond2-p4
Package: cacti
Followup-For: Bug #404818
I'm not a DD, but I'll try to find some to devote some time to working
on this.
-- System Information:
Debian Release: 4.0
APT prefers testing
tags 404818 help
thanks
hi,
these are probably all relevant to the cacti in etch/sid, and probably
sarge too. it's been too far down on my priority queue to talk to
upstream about this but i've suspected such problems for a while,
because the design is one of those everything in the web dir
Package: cacti
Version: 0.8.6i-2
Severity: important
Tags: security
rgod has discovered three vulnerabilities in Cacti, which can be exploited by
malicious people to bypass certain security restrictions, manipulate data and
compromise vulnerable systems.
1) The cmd.php script does not properly
3 matches
Mail list logo