CVE-2007-6035
Published: 20 November 2007
SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter.
Priority
Status
Package | Release | Status |
---|---|---|
cacti Launchpad, Ubuntu, Debian |
dapper |
Released
(0.8.6h-1ubuntu3.4)
|
edgy |
Ignored
(end of life, was pending)
|
|
feisty |
Released
(0.8.6i-3ubuntu0.1)
|
|
gutsy |
Released
(0.8.6j-1.1ubuntu0.1)
|
|
hardy |
Not vulnerable
|
|
intrepid |
Not vulnerable
|
|
upstream |
Released
(0.8.7a)
|
|
Patches: vendor: https://bugs.launchpad.net/ubuntu/dapper/+source/cacti/+bug/164072 |