*** This bug is a duplicate of bug 164072 *** https://bugs.launchpad.net/bugs/164072
Public bug reported: Binary package hint: cacti References: DSA-1418-1 (http://www.debian.org/security/2007/dsa-1418) Quoting DSA-1418-1: "It was discovered that Cacti, a tool to monitor systems and networks, performs insufficient input sanitising, which allows SQL injection." Quoting CVE-2007-6035: "SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter." ** Affects: cacti (Ubuntu) Importance: Undecided Status: New ** Visibility changed to: Public ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-6035 ** Description changed: Binary package hint: cacti References: DSA-1418-1 (http://www.debian.org/security/2007/dsa-1418) Quoting DSA-1418-1: "It was discovered that Cacti, a tool to monitor systems and networks, performs insufficient input sanitising, which allows SQL injection." - Quoting DSA-1418-1: + Quoting CVE-2007-6035: "SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter." ** This bug has been marked a duplicate of bug 164072 [CVE-2007-6035] cacti has a sql injection vulnerability -- [cacti] missing input sanitising https://bugs.launchpad.net/bugs/173611 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs