ID de Prueba:	1.3.6.1.4.1.25623.1.0.70684
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2012:010 (cacti)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to cacti announced via advisory MDVSA-2012:010. Multiple vulnerabilities has been found and corrected in cacti: SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter (CVE-2011-4824). Various vulnerabilities were discovered and fixed in the 0.8.7i version (cacti bug 2062). The updated packages provides the latest 0.8.7i version which are not affected by these issues. Affected: Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2012:010 http://bugs.cacti.net/view.php?id=2062 Risk factor : High
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-4824 BugTraq ID: 50671 http://www.securityfocus.com/bid/50671 http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069126.html http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069141.html http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069137.html http://secunia.com/advisories/44133 http://secunia.com/advisories/46876 XForce ISS Database: cacti-unspecified-sql-injection(71326) https://exchange.xforce.ibmcloud.com/vulnerabilities/71326
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.