CVE-2015-6816

Published: 9 August 2017

ganglia-web before 3.7.1 allows remote attackers to bypass authentication.

Notes

Author	Note
sbeattie	web interface moved out of ganglia and into ganglia-web in 3.6.0-1

9.8

Package	Release	Status
ganglia Launchpad, Ubuntu, Debian	artful	Not vulnerable
	bionic	Not vulnerable
	cosmic	Not vulnerable
	disco	Not vulnerable
	eoan	Not vulnerable
	focal	Not vulnerable
	groovy	Not vulnerable
	hirsute	Not vulnerable
	impish	Not vulnerable
	jammy	Not vulnerable
	kinetic	Not vulnerable
	lunar	Not vulnerable
	mantic	Not vulnerable
	precise	Ignored (end of life)
	trusty	Not vulnerable (3.6.0-1ubuntu2)
	upstream	Released (3.6.0-1)
	vivid	Not vulnerable
	wily	Not vulnerable
	xenial	Not vulnerable
	yakkety	Not vulnerable
	zesty	Not vulnerable
ganglia-web Launchpad, Ubuntu, Debian	artful	Ignored (end of life)
	bionic	Needed
	cosmic	Ignored (end of life)
	disco	Ignored (end of life)
	eoan	Ignored (end of life)
	focal	Needed
	groovy	Ignored (end of life)
	hirsute	Not vulnerable (3.7.5+debian-1)
	impish	Not vulnerable (3.7.5+debian-1)
	jammy	Not vulnerable (3.7.5+debian-1)
	kinetic	Not vulnerable (3.7.5+debian-1)
	lunar	Not vulnerable (3.7.5+debian-1)
	mantic	Not vulnerable (3.7.5+debian-1)
	precise	Does not exist
	trusty	Does not exist (trusty was needed)
	upstream	Released (3.7.1)
	vivid	Ignored (end of life)
	wily	Ignored (end of life)
	xenial	Needed
	yakkety	Ignored (end of life)
	zesty	Ignored (end of life)
	Patches: upstream: https://github.com/ganglia/ganglia-web/commit/f8cc17054270d54f53d92bbe3f7764dc3d9efcc7

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.