Alerts This Week
Warning Icon 1 566
Alerts This Week
Warning Icon 1 566

Gentoo: GLSA-200408-21 Normal: Cacti SQL Injection Attack Risk

gentoo
Calendar Grey August 23, 2004
Dist Gentoo Esm H88
Cacti on Gentoo has a security flaw due to SQL injection, allowing unauthorized users to modify passwords. It's crucial to upgrade to address this vulnerability.
With special configurations of Cacti it is possible to change passwords via a SQL injection attack.

Summary

Gentoo Linux Security Advisory GLSA 200408-21 https://security.gentoo.org/ Severity: Normal Title: Cacti: SQL injection vulnerability Date: August 23, 2004 Bugs: #60630 ID: 200408-21

Synopsis ======= With special configurations of Cacti it is possible to change passwords via a SQL injection attack.
Background ========= Cacti is a complete web-based front end to rrdtool.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-analyzer/cacti <= 0.8.5a >= 0.8.5a-r1
========== Cacti is vulnerable to a SQL injection attack where an attacker may inject SQL into the Username field.
Impact ===== An attacker could use these vulnerabilities to compromise the Cacti serv...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo web application sql injection cacti attack risk normal severity

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns


Warning: Undefined array key "advisory_info" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/3460465_4c9dbbdde36eef04251a4ced7eac4df9 on line 11

Topics%20covered

Topics Covered

security advisory gentoo web application sql injection cacti attack risk normal severity

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here