ID de Prueba:	1.3.6.1.4.1.25623.1.0.67560
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2010:117 (cacti)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to cacti announced via advisory MDVSA-2010:117. A vulnerability has been discovered and corrected in cacti: SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the rra_id parameter in a GET request in conjunction with a valid rra_id value in a POST request or a cookie, which bypasses the validation routine (CVE-2010-2092). The updated packages have been patched to correct this issue. Affected: Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2010:117 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2092 Debian Security Information: DSA-2060 (Google Search) http://www.debian.org/security/2010/dsa-2060 http://php-security.org/2010/05/13/mops-2010-023-cacti-graph-viewer-sql-injection-vulnerability/index.html RedHat Security Advisories: RHSA-2010:0635 https://rhn.redhat.com/errata/RHSA-2010-0635.html http://secunia.com/advisories/41041 http://www.vupen.com/english/advisories/2010/2132
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.