What Are You Looking For?

Sign Up
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5550-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 08, 2023                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : cacti
CVE ID         : CVE-2023-39357 CVE-2023-39359 CVE-2023-39361 CVE-2023-39362 
                 CVE-2023-39364 CVE-2023-39365 CVE-2023-39513 CVE-2023-39515 
                 CVE-2023-39516 CVE-2023-39514 CVE-2023-39512 CVE-2023-39510
		 CVE-2023-39366 

Multiple security vulnerabilities have been discovered in Cacti, a web
interface for graphing of monitoring systems, which could result in
cross-site scripting, SQL injection, an open redirect or command injection.
 
For the oldstable distribution (bullseye), these problems have been fixed
in version 1.2.16+ds1-2+deb11u2.

For the stable distribution (bookworm), these problems have been fixed in
version 1.2.24+ds1-1+deb12u1.

We recommend that you upgrade your cacti packages.

For the detailed security status of cacti please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/cacti

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

Debian: DSA-5550-1: cacti security update

November 8, 2023
Multiple security vulnerabilities have been discovered in Cacti, a web interface for graphing of monitoring systems, which could result in cross-site scripting, SQL injection, an o...

Summary

Multiple security vulnerabilities have been discovered in Cacti, a web
interface for graphing of monitoring systems, which could result in
cross-site scripting, SQL injection, an open redirect or command injection.

For the oldstable distribution (bullseye), these problems have been fixed
in version 1.2.16+ds1-2+deb11u2.

For the stable distribution (bookworm), these problems have been fixed in
version 1.2.24+ds1-1+deb12u1.

We recommend that you upgrade your cacti packages.

For the detailed security status of cacti please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/cacti

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

Severity
Package : cacti
CVE ID : CVE-2023-39357 CVE-2023-39359 CVE-2023-39361 CVE-2023-39362
CVE-2023-39364 CVE-2023-39365 CVE-2023-39513 CVE-2023-39515
CVE-2023-39516 CVE-2023-39514 CVE-2023-39512 CVE-2023-39510
CVE-2023-39366

Related News

From Heartbleed to Now: Evolving Threats in OpenSSL and How to Guard Against Them

Nov 17, 2023

Security Highlights from KubeCon + CloudNativeCon 2023

Nov 18, 2023

Kubernetes Security on AWS: A Practical Guide

Nov 18, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

News

Advisories

HOWTOs

Features

Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap
CISA Issues Urgent Warning Over Active Exploitation of Looney Tunables glibc Bug

About Us

Powered By

Footer Logo