FreeBSD : cacti -- potential SQL injection and XSS attacks (96948a6a-e239-11d9-83cf-0010dc5df42d)

high Nessus Plugin ID 19037

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

iDEFENSE security group disclosed potential SQL injection attacks from unchecked user input and two security holes regarding potential cross site scripting attacks

Solution

Update the affected package.

See Also

https://www.cacti.net/release_notes_0_8_6e.php

http://www.nessus.org/u?350869e8

Plugin Details

Severity: High

ID: 19037

File Name: freebsd_pkg_96948a6ae23911d983cf0010dc5df42d.nasl

Version: 1.15

Type: local

Published: 7/13/2005

Updated: 1/6/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:cacti, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 6/21/2005

Vulnerability Publication Date: 6/21/2005