Описание
spikekill.php in Cacti before 1.1.16 might allow remote attackers to execute arbitrary code via the avgnan, outlier-start, or outlier-end parameter.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| cacti | fixed | 1.1.16+ds1-1 | package | |
| cacti | not-affected | stretch | package | |
| cacti | not-affected | jessie | package | |
| cacti | not-affected | wheezy | package |
Примечания
https://github.com/Cacti/cacti/commit/bd0e586f6f46d814930226f1516a194e7e72293e
https://github.com/Cacti/cacti/issues/877
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 8 лет назад
spikekill.php in Cacti before 1.1.16 might allow remote attackers to execute arbitrary code via the avgnan, outlier-start, or outlier-end parameter.
CVSS3: 9.8
nvd
больше 8 лет назад
spikekill.php in Cacti before 1.1.16 might allow remote attackers to execute arbitrary code via the avgnan, outlier-start, or outlier-end parameter.
CVSS3: 9.8
github
больше 3 лет назад
spikekill.php in Cacti before 1.1.16 might allow remote attackers to execute arbitrary code via the avgnan, outlier-start, or outlier-end parameter.
