cacti -- Multiple security vulnerabilities have been discovered

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: cacti -- Multiple security vulnerabilities have been discovered
From: Mario Sergio Candian <mscandian@xxxxxxxxxxxxxxxxxxxx>
Date: Tue, 12 Feb 2008 14:42:01 -0200
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
User-agent: Thunderbird 2.0.0.6 (X11/20070822)

Affected packages:
cacti < 0.8.7b

Multiple security vulnerabilities have been discovered in Cacti's webinterface:


   * XSS vulnerabilities
   * Path disclosure vulnerabilities
   * SQL injection vulnerabilities
   * HTTP response splitting vulnerabilities

References:
http://forums.cacti.net/about25749.html

--
Mario Sergio Candian
-
Live your dreams and face your fears

Prev by Date: FLEA-2008-0007-1 gd
Next by Date: Re: Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0
Previous by thread: FLEA-2008-0007-1 gd
Next by thread: LI-countdown SQL Injection Vulnerability
Index(es):
- Date
- Thread