Kali Linux Package Tracker
Register | Log in

cacti 0.8.8a+dfsg-5+deb7u5 has been added to Kali Security

News for package cacti

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 3.0 (quilt)
Source: cacti
Binary: cacti
Architecture: all
Version: 0.8.8a+dfsg-5+deb7u5
Maintainer: Cacti Maintainer <[email protected]>
Uploaders: Sean Finney <[email protected]>, Mahyuddin Susanto <[email protected]>, Paul Gevers <[email protected]>
Dm-Upload-Allowed: yes
Homepage: http://www.cacti.net/
Standards-Version: 3.9.3
Vcs-Browser: http://git.debian.org/?p=pkg-cacti/cacti.git
Vcs-Git: git://git.debian.org/pkg-cacti/cacti.git
Build-Depends: debhelper (>= 7.0.50~), po-debconf
Package-List: 
 cacti deb web extra
Checksums-Sha1: 
 4345484327a663043f2c25cc14da763ed0b10bce 2262792 cacti_0.8.8a+dfsg.orig.tar.gz
 5339a9ef3ac40bfa0c7103453408be257a403d5d 125708 cacti_0.8.8a+dfsg-5+deb7u5.debian.tar.gz
Checksums-Sha256: 
 18575e99b5be11edb150a5a20a8a63f8cbf50be0adb0c4892db3be68ca1fcf74 2262792 cacti_0.8.8a+dfsg.orig.tar.gz
 ba954ad904a437dded38b9694d4d898c855ee7d8f5c6a526b394a4ce35d6f7c8 125708 cacti_0.8.8a+dfsg-5+deb7u5.debian.tar.gz
Files: 
 45ef51a85ee91bf9212478cc4af1c5de 2262792 cacti_0.8.8a+dfsg.orig.tar.gz
 3ce0aa696829648a500e89a6806431f8 125708 cacti_0.8.8a+dfsg-5+deb7u5.debian.tar.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBCAAGBQJVia7tAAoJEJxcmesFvXUKcmgIAM2WXEz5MbD2PxziVlOm27TI
v0Qtr/7TtpkCHu5Qj+/+aDJS12IKOCIYpFG1D7hwBwp4RSJsDuqr4x4TrZLemihz
FinNhDjJop/piL7skJ7Z4TVJAqWDAtARcFIhV+zqlqEP22KnQXN3/DILn79zK5K7
3iwD8f2sqEZHLo+xQrlQWYfCT9mfK/qFQUEpgV8eu3kLt2tO7M1ZIKTvlBdHZBbI
6k/mymG1pFZBWMtUHqBfX/DfZt7lnXM2Apz1FPr+u62ky+OPf3vhCbl3YgVvDoix
aKDrjLTWTn2j9E9arEVNv+u69nSYHNquu5bxMeu54k5AT1NCx1mcutb0S9kr0+I=
=7RrQ
-----END PGP SIGNATURE-----

Changes:
cacti (0.8.8a+dfsg-5+deb7u5) wheezy-security; urgency=high

  * Security update
    - CVE-2015-2665 Cross-site scripting (XSS) vulnerability in Cacti
      before 0.8.8d allows remote attackers to inject arbitrary web script
      or HTML via unspecified vectors.
    - CVE-2015-4342 SQL Injection and Location header injection from cdef
      id
    - CVE-2015-4454 SQL injection vulnerability in the
      get_hash_graph_template function in lib/functions.php in Cacti before
      0.8.8d allows remote attackers to execute arbitrary SQL commands via
      the graph_template_id parameter to graph_templates.php.
    - Unassigned CVE SQL injection VN:JVN#78187936 / TN:JPCERT#98968540

 -- Paul Gevers <[email protected]>  Mon, 22 Jun 2015 20:55:59 +0200