Описание
Security update for cacti
This update for cacti fixes the following issues:
Security issues fixed:
- CVE-2016-3172: SQL injection in tree.php (boo#971357)
- CVE-2016-3659: SQL injection in lib/functions.php (boo#974013)
Список пакетов
openSUSE Leap 42.1
cacti-0.8.8f-11.1
Ссылки
- E-Mail link for openSUSE-SU-2016:1328-1
- SUSE Security Ratings
Описание
SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier allows remote authenticated users to execute arbitrary SQL commands via the parent_id parameter in an item_edit action.
Затронутые продукты
openSUSE Leap 42.1:cacti-0.8.8f-11.1
Ссылки
- CVE-2016-3172
- SUSE Bug 971357
- SUSE Bug 974013
Описание
SQL injection vulnerability in graph_view.php in Cacti 0.8.8.g allows remote authenticated users to execute arbitrary SQL commands via the host_group_data parameter.
Затронутые продукты
openSUSE Leap 42.1:cacti-0.8.8f-11.1
Ссылки
- CVE-2016-3659
- SUSE Bug 974013