PublicDate: 2007-11-20 11:46:00 UTC
Candidate: CVE-2007-6035
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6035
Description:
 SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows
 remote attackers to execute arbitrary SQL commands via the local_graph_id
 parameter.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/cacti/+bug/164072
Priority: medium
Discovered-by:
Assigned-to: iamfuzz
CVSS: 

Patches_cacti:
 vendor: https://bugs.launchpad.net/ubuntu/dapper/+source/cacti/+bug/164072
upstream_cacti: released (0.8.7a)
dapper_cacti: released (0.8.6h-1ubuntu3.4)
edgy_cacti: pending (reached end-of-life)
feisty_cacti: released (0.8.6i-3ubuntu0.1)
gutsy_cacti: released (0.8.6j-1.1ubuntu0.1)
hardy_cacti: not-affected
intrepid_cacti: not-affected
devel_cacti: not-affected