*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Marc Deslauriers (mdeslaur):
Binary package hint: cacti According to http://www.cacti.net/changelog.php: 0.8.7g bug: Fixed multiple cross site scripting vulnerabilities reported by Tomas Hoger of the Red Hat Security Response Team 0.8.7f security: SQL injection and shell escaping issues reported by Bonsai Information Security (http://www.bonsai-sec.com) security: Cross-site scripting issues reported by VUPEN Security (http://www.vupen.com) security: MOPS-2010-023: Cacti Graph Viewer SQL Injection Vulnerability (http://php-security.org) These fixes do not appear to have been backported to cacti 0.8.7e as shipped in Ubuntu 10.04. ** Affects: cacti (Ubuntu) Importance: Undecided Status: New -- [SECURITY] various fixes in cacti 0.8.7f and 0.8.7g https://bugs.edge.launchpad.net/bugs/606663 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
