Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Ubuntu 22.04 LTS USN-6720-1: Critical Cacti SQL Injection Attack

ubuntu
Calendar Grey April 2, 2024
Dist Ubuntu Esm H88
Succulents might fail upon specially designed input. Distant threat actors may take advantage of this vulnerability. Discover the fix today.
Cacti could be made to crash if it received specially crafted input.

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS (Available with Ubuntu Pro) Summary: Cacti could be made to crash if it received specially crafted input. Software Description: - cacti: web interface for graphing of monitoring systems Details: Kentaro Kawane discovered that Cacti incorrectly handled user provided input sent through request parameters to the graph_view.php script. A remote authenticated attacker could use this issue to perform SQL injection attacks.

Topics%20covered

Topics Covered

security advisory critical remote attack sql injection ubuntu cacti

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS (Available with Ubuntu Pro): cacti 1.2.19+ds1-2ubuntu1+esm1 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6720-1

CVE-2023-39361

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-6720-1

Topics%20covered

Topics Covered

security advisory critical remote attack sql injection ubuntu cacti

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here