openSUSE Security Update : cacti (openSUSE-SU-2013:1377-1)
High Nessus Plugin ID 75127
SynopsisThe remote openSUSE host is missing a security update.
Descriptioncacti was updated to version 0.8.8b to fix security issues and bugs.
- Fixes CVE-2013-1434 CVE-2013-1435
- security: SQL injection and shell escaping issues
- bug: Fixed issue with custom data source information being lost when saved from edit
- bug: Repopulate the poller cache on new installations
- bug: Fix issue with poller not escaping the script query path correctly
- bug: Allow snmpv3 priv proto none
- bug: Fix issue where host activate may flush the entire poller item cache
SolutionUpdate the affected cacti package.