CVE-2014-5262

Post general support questions here that do not specifically fall into the Linux or Windows categories.

Moderators: Developers, Moderators

Post Reply
dglatting
Posts: 1
Joined: Mon Aug 25, 2014 11:00 am

CVE-2014-5262

Post by dglatting »

CERT announced this CVE against Cacti. Are there patches?

Overview

SQL injection vulnerability in the graph settings script (graph_settings.php) in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.


http://web.nvd.nist.gov/view/vuln/detai ... -2014-5262
Top
cigamit
Developer
Posts: 3372
Joined: Thu Apr 07, 2005 3:29 pm
Location: B/CS Texas
Contact:
Contact cigamit

Re: CVE-2014-5262

Post by cigamit »

The patch is technically already listed in the URL you linked. I am sure Tony will get one posted in the patch section itself eventually (probably sooner if you bug him)
External Source: CONFIRM
Name: http://svn.cacti.net/viewvc?view=rev&revision=7454
Type: Patch Information
Hyperlink: http://svn.cacti.net/viewvc?view=rev&revision=7454
Top
Post Reply

Return to “Help: General”

Who is online

Users browsing this forum: No registered users and 2 guests