Bug#742768: Regarding your cacti security report CVE-2014-2326 - 2328

2014-04-04 Tony Roman
Paul, CVE-2014-2708 and CVE-2014-2709 are addressed in http://bugs.cacti.net/view.php?id=2405 Security patch for the following has been posted on the Cacti site for versions 0.8.7g to 0.8.8b: - CVE-2014-2326 Unspecified HTML Injection Vulnerability - CVE-2014-2328 Unspecified Remote Command Execut

Bug#742768: Regarding your cacti security report CVE-2014-2326 - 2328

2014-03-30 Tony Roman
Paul, I created 3 bugs to fix the issues outlined. I'm still working on CVE-2014-2327 as it will require a little more work to mitigate in the Cacti code. As for your questions about past CVEs, the currently reported ones are valid from the reported version to the latest. Once I have resolved th

Bug#742768: Regarding your cacti security report CVE-2014-2326 - 2328

2014-03-28 Paul Gevers
Hi, As the maintainer of Cacti in Debian, I received [1] your security report [2] on Cacti yesterday. I have several questions. I didn't see any public communication with the upstream maintainers, so I assume it was done in private. After releasing your CVE numbers, wouldn't it have been nice to repor