Debian Security Advisory

DLA-386-1 cacti -- LTS security update

Date Reported:
14 Jan 2016
Affected Packages:
cacti
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2015-8604.
More information:

It was discovered that there was another SQL injection vulnerability in cacti, a web interface for graphing monitoring systems.

For Debian 6 Squeeze, this issue has been fixed in cacti version 0.8.7g-1+squeeze9+deb6u14.