Debian: 2039-1: cacti: missing input sanitising

view full story

http://www.linuxsecurity.com – LinuxSecurity.com: It was discovered that Cacti, a frontend to rrdtool for monitoring systems and services missed input sanitising, making an SQL injection attack possible. [More...] (Security)

Submitted by jiqi2 on 04/24/2010 – Made popular on 04/24/2010

Login or register to post comments
Email this page

Security

Stories similar to Debian: 2039-1: cacti: missing input sanitising

Install Cacti on Debian for dummies 42 weeks 6 days ago

Hi all,

I want to install cacti (frontend to RRDTool) on my Debian 6 VPS.

My dummy questions please...

The requirements include RRDTool and net-snmp so is there a way to check these are properly installed?

Debian: 2009-1: tdiary: insufficient input sanitisi 3 years 10 weeks ago

LinuxSecurity.com: It was discovered that tdiary, a communication-friendly weblog system, is prone to a cross-site scripting vulnerability due to insuficient input sanitising in the TrackBack transmission plugin. [More...]

[ubuntu] Cacti Trouble, can't add graphs from CLI 43 weeks 2 days ago

I've recently installed cacti using repos and then added a web page speed test tool from this website; http://www.askaboutphp.com/44/cacti-...ng-part-1.html

After following the guide above I have setup templates so I can add a bunch of websites via CLI for monitoring. Trouble is its not working.

Cacti System Utilities says wrong RRDTool and Graphs dont show up 1 year 22 weeks ago

Im using Cacti to try to monitor our network: www.cacti.net

My graphs are just showing broken image links.

remote haproxy data gathering through cacti fail 1 year 20 weeks ago

Am new to cacti so please forgive me if my question sounds stupid, I have tried my best to find the solution for the problem but still needs help. I want to gather number of lines in the haproxy.log file from a remote front end(FE) machine, I have added this device successfully in cacti and graphs like load average are being drawn.

Icinga idoutils, Cacti Templates. migration concern 41 weeks 1 day ago

I'm setting up some MySQL monitoring and migrating from Nagios + Cacti to Icinga. Does Idoutils replace Cacti, for pragmatic purposes? Does Idoutils utilize cacti templates? Or if not is migrating them simple? What about Percona Cacti graphs? Can they be utilized in Idoutils?

I really appreciate any advise on this question,

Cacti redirecting to login always 12 weeks 2 days ago

I have just manually installed Cacti 0.8.8a on a Debian 6 box with NginX 1.2.0 & PHP5-FPM 5.3.20

After going to through the initial cacti-PHP install config checks, I was brought to the login page and attempted to log in with the default admin/admin only to be redirected back to the login form.

I can see in the cacti log file that each log in was successful: AUTH LOGIN: User 'admin' Authenti

new cacti installation on ubuntu 12.04 64bit not graphing any data 28 weeks 6 days ago

Hey guys i just installed cacti on a ubuntu 12.04 server and am having issues with any data showing up on my graphs.

If i snmpwalk the certain OID it works.

[ubuntu] Cacti with Fail2ban 45 weeks 15 hours ago

Does anyone have Cacti with Fail2ban working?

I used the additional scripts from fail2ban and placed them in cacti.

/usr/share/cacti/site/scripts/fail2ban_stats.sh

The readout of the jails is done with fail2ban-client. But as cacti is running non-root it cannot access the data.

Didn't find any solution in the forum...

What I now did was (and this works perfect): chmod ugo+rwx /var/run/fail2ba

Debian: 2039-1: cacti: missing input sanitising

Search

Beautiful linux wallpapers

Tags