FreeBSD : cacti -- multiple vulnerabilities (e02e6a4e-6b26-11df-96b2-0015587e2cc1)

This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Multiple vulnerabilities have been reported to exist in older version
of Cacti. The release notes of Cacti 0.8.7f summarizes the problems as
follows :

- SQL injection and shell escaping issues

- Cross-site scripting issues

- Cacti Graph Viewer SQL injection vulnerability

See also :

http://www.nessus.org/u?a242b538
http://www.cacti.net/release_notes_0_8_7f.php
http://www.nessus.org/u?39e1a6fb
http://www.vupen.com/english/advisories/2010/1204
http://www.nessus.org/u?8b534fac

Solution :

Update the affected package.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 47131 (freebsd_pkg_e02e6a4e6b2611df96b20015587e2cc1.nasl)

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now