Bugs fixes in "cacti"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2014-4000 | PHP Object Injection Vulnerabilities | 2017-02-15 |
| CVE | CVE-2016-3659 | SQL injection vulnerability in graph_view.php in Cacti 0.8.8.g allows remote authenticated users to execute arbitrary SQL commands via the host_group | 2017-02-15 |
| CVE | CVE-2016-3172 | SQL injection vulnerability in tree.php in Cacti 0.8.8g and earlier allows remote authenticated users to execute arbitrary SQL commands via the paren | 2017-02-15 |
| CVE | CVE-2016-2313 | auth_login.php in Cacti before 0.8.8g allows remote authenticated users who use web authentication to bypass intended access restrictions by logging | 2017-02-15 |
| Launchpad | 1588813 | cacti still not compatible with MySQL 5.7 default sql_mode | 2016-06-20 |
| Launchpad | 1588813 | cacti still not compatible with MySQL 5.7 default sql_mode | 2016-06-09 |
| Launchpad | 1578144 | cacti and cacti-spine are not compatible with MySQL 5.7 default sql_mode | 2016-05-30 |
| Launchpad | 1578144 | cacti and cacti-spine are not compatible with MySQL 5.7 default sql_mode | 2016-05-24 |
| Launchpad | 1571432 | Cacti package is incompatible with PHP7 on Xenial | 2016-04-19 |
| Launchpad | 1568136 | cacti depends on xml and mbstring extensions at runtime | 2016-04-09 |
| Launchpad | 1568136 | cacti depends on xml and mbstring extensions at runtime | 2016-04-09 |
| CVE | CVE-2014-4002 | Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the (1) drp_act | 2015-07-01 |
| CVE | CVE-2014-2327 | Cross-site request forgery (CSRF) vulnerability in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to hijack the authentication of users fo | 2015-07-01 |
| CVE | CVE-2014-5043 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed th | 2015-07-01 |
| CVE | CVE-2014-5026 | Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web scri | 2015-07-01 |
| CVE | CVE-2014-5025 | Cross-site scripting (XSS) vulnerability in data_sources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrar | 2015-07-01 |
| CVE | CVE-2014-5262 | SQL injection vulnerability in the graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrar | 2015-07-01 |
| CVE | CVE-2014-5261 | The graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell metacharac | 2015-07-01 |
| CVE | CVE-2015-4454 | SQL injection vulnerability in the get_hash_graph_template function in lib/functions.php in Cacti before 0.8.8d allows remote attackers to execute ar | 2015-07-01 |
| CVE | CVE-2015-4342 | SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef | 2015-07-01 |
About
-
Send Feedback to @ubuntu_updates
