OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
[SA16136] Debian update for cacti

From: Secunia Security Advisories (sec-advsecunia.com)
Date: Thu Jul 21 2005 - 03:22:33 CDT


----------------------------------------------------------------------

Bist Du interessiert an einem neuen Job in IT-Sicherheit?

Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-
Sicherheit:
http://secunia.com/secunia_vacancies/

----------------------------------------------------------------------

TITLE:
Debian update for cacti

SECUNIA ADVISORY ID:
SA16136

VERIFY ADVISORY:
http://secunia.com/advisories/16136/

CRITICAL:
Highly critical

IMPACT:
Security Bypass, Manipulation of data, System access

WHERE:
From remote

OPERATING SYSTEM:
Debian GNU/Linux 3.0
http://secunia.com/product/143/
Debian GNU/Linux 3.1
http://secunia.com/product/5307/
Debian GNU/Linux unstable alias sid
http://secunia.com/product/530/

DESCRIPTION:
Debian has issued an update for cacti. This fixes some
vulnerabilities, which can be exploited by malicious people to
conduct SQL injection attacks, bypass certain security restrictions
and compromise a vulnerable system.

For more information:
SA15490
SA15908

SOLUTION:
Apply updated packages.

-- Debian GNU/Linux 3.0 --

Source archives:

http://security.debian.org/pool/updates/main/c/cacti/cacti_0.6.7-2.5.dsc
Size/MD5 checksum: 565 ca9cffd44ea6e8235005ce8e066fb88e
http://security.debian.org/pool/updates/main/c/cacti/cacti_0.6.7-2.5.diff.gz
Size/MD5 checksum: 25286 18aad674e7ef91dafb11af9a02c677d7
http://security.debian.org/pool/updates/main/c/cacti/cacti_0.6.7.orig.tar.gz
Size/MD5 checksum: 206608 b004ac1ca1dd18737f0fa685fe18737c

Architecture independent components:

http://security.debian.org/pool/updates/main/c/cacti/cacti_0.6.7-2.5_all.deb
Size/MD5 checksum: 212418 ae47dc9aeb1820c5074fc39c5b6c84bc

-- Debian GNU/Linux 3.1 --

Source archives:

http://security.debian.org/pool/updates/main/c/cacti/cacti_0.8.6c-7sarge2.dsc
Size/MD5 checksum: 595 50f791f80662a02e982e82e4be7e59b5
http://security.debian.org/pool/updates/main/c/cacti/cacti_0.8.6c-7sarge2.diff.gz
Size/MD5 checksum: 42575 a9959e2d720a6f7188c5713494b9eaaa
http://security.debian.org/pool/updates/main/c/cacti/cacti_0.8.6c.orig.tar.gz
Size/MD5 checksum: 1046586 b4130300f671e773ebea3b8f715912c1

Architecture independent components:

http://security.debian.org/pool/updates/main/c/cacti/cacti_0.8.6c-7sarge2_all.deb
Size/MD5 checksum: 1058544 2b5fe2ca0dc11a199c20f5bf7b3aa7ee

-- Debian GNU/Linux unstable alias sid --

Fixed in version 0.8.6e-1.

ORIGINAL ADVISORY:
http://www.debian.org/security/2005/dsa-764

OTHER REFERENCES:
SA15490:
http://secunia.com/advisories/15490/

SA15908:
http://secunia.com/advisories/15908/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories

----------------------------------------------------------------------