CVE-2011-4824
Published: 15 December 2011
SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter.
Priority
Status
Package | Release | Status |
---|---|---|
cacti Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Released
(0.8.7e-2ubuntu0.2)
|
|
maverick |
Released
(0.8.7g-1ubuntu0.1)
|
|
natty |
Released
(0.8.7g-1ubuntu0.1)
|
|
oneiric |
Released
(0.8.7g-2.1ubuntu0.1)
|
|
precise |
Not vulnerable
(0.8.7i-2ubuntu1)
|
|
upstream |
Released
(0.8.7h)
|
|
Patches: debdiff: https://bugs.launchpad.net/ubuntu/+source/cacti/+bug/906773 upstream: http://svn.cacti.net/viewvc?view=rev&revision=6807 |