Ubuntu
cacti package

cacti 0.8.6h-3ubuntu0.3 source package in Ubuntu

Changelog

cacti (0.8.6h-3ubuntu0.3) edgy-security; urgency=low

  * SECURITY UPDATE: (LP: #192199)
    + CVE-2008-0783: Multiple cross-site scripting (XSS) vulnerabilities in
      Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to
      inject arbitrary web script or HTML via the (1) view_type parameter to
      graph.php, (2) filter parameter to graph_view.php, and (3) action and
      login_username parameters to index.php/login.
    + CVE-2008-0784: graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before
      0.8.6k allows remote attackers to obtain the full path via an invalid
      local_graph_id parameter and other unspecified vectors.
  * debian/patches/11_CVE-2008-0783_CVE-2008-0784.dpatch: applied patch by
    upstream. (backported from 0.8.6j)
    (Link: http://www.cacti.net/downloads/patches/0.8.6j/multiple_vulnerabilities-0.8.6j.patch)
  * References:
    CVE-2008-0783
    CVE-2008-0784

 -- Emanuele Gentili <email address hidden>   Sun, 17 Feb 2008 21:41:59 +0100

Upload details

Uploaded by:
Emanuele Gentili
Uploaded to:
Edgy
Original maintainer:
sean finney
Architectures:
all
Section:
web
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Edgy: [FULLYBUILT] i386

Downloads

File Size SHA-256 Checksum
cacti_0.8.6h.orig.tar.gz 1.0 MiB 69b6ad51ee21c5367dc67a752a3745804531280356eb261d81f9636a647ca17e
cacti_0.8.6h-3ubuntu0.3.diff.gz 37.5 KiB 30879af97bfd7128e5aa0e660158a7611da12e76767f91b34b0eba59dd0fbf40
cacti_0.8.6h-3ubuntu0.3.dsc 601 bytes d8135cf37d473b5a5ba4296b6cf506ae52da5fb689e359ea2fc32d6ba95a3e80

View changes file

Binary packages built by this source

cacti: No summary available for cacti in ubuntu edgy.

No description available for cacti in ubuntu edgy.