MDVSA-2012:010 -- Mandriva cactiID: oval:org.secpod.oval:def:1300037 | Date: (C)2013-04-08 (M)2022-10-10 |
Class: PATCH | Family: unix |
Multiple vulnerabilities has been found and corrected in cacti: SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter . Various vulnerabilities were discovered and fixed in the 0.8.7i version . The updated packages provides the latest 0.8.7i version which are not affected by these issues.
Platform: |
Mandriva Enterprise Server 5.2 |