Debian Linux Security Update: Cacti packages fix regression
Cacti is an open source, web-based graphing tool designed as a frontend to RRDtool's data storage and graphing functionality. Cacti allows a user to poll services at predetermined intervals and graph the resulting data. It is generally used to graph time-series data like CPU load and bandwidth use. A common usage is to query network switch or router interfaces via SNMP to monitor network traffic.
It was discovered that Cacti, a systems and services monitoring frontend, performed insufficient input sanitising, leading to cross site scripting and SQL injection being possible.
Since the previous security update, the cacti package could no longer be rebuilt from the source package. This update corrects that problem. Note that this problem does not affect regular use of the provided binary packages (.deb).
Details:
=> Package : cacti
=> Vulnerability : insufficient input sanitising
=> Problem type : remote
=> Debian-specific: no
=> CVE Id(s) : CVE-2008-0783 CVE-2008-0785
How do I fix Cacti packages fix regression issues?
Simply type the following two commands as root user:
# apt-get update
# apt-get upgrade
E-mail this to a Friend
Printable Version
You may also be interested in other helpful articles:
- Red Hat Enterprise Linux 4 Kernel Bug Fix Update
- Rebuilding corrupted RPM database
- Building a source RPM using rpmbuild command
- Solaris > Finding more information about packages
- Howto: Finding out recently Installed RPMs under Suse Linux
Leave a Reply
We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Thank you very much for stopping by our site!
Tags: bandwidth, binary packages, cpu load, CVE-2008-0783, CVE-2008-0785, data storage, linux security, open source web, regression, root user, router interfaces, scripting, snmp, source package, vulnerability



Recent Comments
Yesterday ~ 12 Comments
Yesterday ~ 8 Comments
Yesterday ~ 185 Comments
Yesterday ~ 15 Comments
Yesterday ~ 3 Comments