[Frugalware-darcs] homepage-ng: FSA207-cacti

voroskoi voroskoi at frugalware.org
Mon Jun 25 16:49:50 CEST 2007

Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=homepage-ng;a=darcs_commitdiff;h=20070625154243-dd049-949004440c0cbae512b0f525b2f5e421a80c42ed.gz;

voroskoi <voroskoi at frugalware.org>**20070625154243] {
hunk ./frugalware/xml/security.xml 29
+	<fsa>
+		<id>207</id>
+		<date>2007-06-25</date>
+		<author>voroskoi</author>
+		<package>cacti</package>
+		<vulnerable>0.8.6j-1</vulnerable>
+		<unaffected>0.8.6j-2terminus1</unaffected>
+		<bts>http://bugs.frugalware.org/task/2133</bts>
+		<cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3112
+			http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3113</cve>
+		<desc>A vulnerability has been discovered in Cacti, which can be exploited by malicious people to cause a DoS (Denial of Service).
+			The vulnerability is caused due to an error in graph_image.php, which can be exploited to use lots of system resources by passing malicious values to the "graph_start", "graph_end", "graph_width", and "graph_height" parameters.</desc>
+	</fsa>

More information about the Frugalware-darcs mailing list