Updated cacti package fixes multiple security vulnerabilities
Publication date: 09 Oct 2014Modification date: 09 Oct 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-5025 , CVE-2014-5026 , CVE-2014-5261 , CVE-2014-5262
Description
Updated cacti package fixes security vulnerabilities:
Multiple security issues (cross-site scripting, missing input sanitising and
SQL injection) have been discovered in Cacti, a web interface for graphing of
monitoring systems (CVE-2014-5025, CVE-2014-5026, CVE-2014-5261,
CVE-2014-5262).
References
- https://bugs.mageia.org/show_bug.cgi?id=13930
- https://www.debian.org/security/2014/dsa-3007
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5025
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5026
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5261
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5262
SRPMS
4/core
- cacti-0.8.8b-3.2.mga4