Описание
SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef id.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| cacti | fixed | 0.8.8d+ds1-1 | package |
Примечания
Original report: http://seclists.org/fulldisclosure/2015/Jun/19
Upstream bug: http://bugs.cacti.net/view.php?id=2571 (not yet accessible)
http://svn.cacti.net/viewvc?view=rev&revision=7719
Fixed upstream in 0.8.8d
Связанные уязвимости
SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef id.
SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef id.
SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef id.