*** This bug is a duplicate of bug 164072 ***
https://bugs.launchpad.net/bugs/164072
Public bug reported:
Binary package hint: cacti
References:
DSA-1418-1 (http://www.debian.org/security/2007/dsa-1418)
Quoting DSA-1418-1:
"It was discovered that Cacti, a tool to monitor systems and networks, performs
insufficient input sanitising, which allows SQL injection."
Quoting CVE-2007-6035:
"SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote
attackers to execute arbitrary SQL commands via the local_graph_id parameter."
** Affects: cacti (Ubuntu)
Importance: Undecided
Status: New
** Visibility changed to: Public
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2007-6035
** Description changed:
Binary package hint: cacti
References:
DSA-1418-1 (http://www.debian.org/security/2007/dsa-1418)
Quoting DSA-1418-1:
"It was discovered that Cacti, a tool to monitor systems and networks,
performs insufficient input sanitising, which allows SQL injection."
- Quoting DSA-1418-1:
+ Quoting CVE-2007-6035:
"SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows
remote attackers to execute arbitrary SQL commands via the local_graph_id
parameter."
** This bug has been marked a duplicate of bug 164072
[CVE-2007-6035] cacti has a sql injection vulnerability
--
[cacti] missing input sanitising
https://bugs.launchpad.net/bugs/173611
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
