Vulnerability   
Search   
    Search 191973 CVE descriptions
and 86218 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.702747
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 2747-1 (cacti - several vulnerabilities)
Summary:Two vulnerabilities were discovered in Cacti, a web interface for;graphing of monitoring systems:;;CVE-2013-5588;install/index.php and cacti/host.php suffered from Cross-Site;Scripting vulnerabilities.;;CVE-2013-5589;cacti/host.php contained an SQL injection vulnerability, allowing;an attacker to execute SQL code on the database used by Cacti.
Description:Summary:
Two vulnerabilities were discovered in Cacti, a web interface for
graphing of monitoring systems:

CVE-2013-5588
install/index.php and cacti/host.php suffered from Cross-Site
Scripting vulnerabilities.

CVE-2013-5589
cacti/host.php contained an SQL injection vulnerability, allowing
an attacker to execute SQL code on the database used by Cacti.

Affected Software/OS:
cacti on Debian Linux

Solution:
For the oldstable distribution (squeeze), these problems have been fixed in
version 0.8.7g-1+squeeze3.

For the stable distribution (wheezy), these problems have been fixed in
version 0.8.8a+dfsg-5+deb7u2.

For the unstable distribution (sid), these problems have been fixed in
version 0.8.8b+dfsg-3.

We recommend that you upgrade your cacti packages.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2013-5588
BugTraq ID: 62001
http://www.securityfocus.com/bid/62001
Debian Security Information: DSA-2747 (Google Search)
http://www.debian.org/security/2013/dsa-2747
http://secunia.com/advisories/54652
SuSE Security Announcement: openSUSE-SU-2015:0479 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-03/msg00034.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-5589
BugTraq ID: 62005
http://www.securityfocus.com/bid/62005
CopyrightCopyright (C) 2013 Greenbone Networks GmbH http://greenbone.net

This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.