SalvusAlert : Mandriva MES5 Patch correct Cacti issues.

Summary: Mandriva Ent 5 server updates released to correct Cacti vulnerabilities.


Information At A Glance
Source	Version/Dependency	Developer	Severity
Mandriva.com	Cacti 0.8.7i / Mandriva MES5	Mandriva	n/a
Summary Multiple vulnerabilities has been found and corrected in cacti. Mandriva has released updates to correct the following: 1) SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h (CVE-2011-4824). 2) Various vulnerabilities were discovered and fixed in the 0.8.7i version (cacti bug 2062).The updated packages provides the latest 0.8.7i version which are not affected by these issues. ” Fix Please apply patches. To upgrade automatically, use MandrivaUpdate. Be sure and verify your updates as follows: rpm –checksig package.rpm - see: http://www.mandriva.com/en/support/security/advisories/?dis=mes5&name=MDVSA-2012:010 for full details and additional information. Source Reported in Mandriva Security Advisory MDVSA-2012:010

Advertisement: Download an audiobook for $7.49 and save 50% for your first 3 months. Choose from over 100,000 titles.

Disclaimer: Salvus Alerting provides timely industry related information to its subscriber community and visitors for informational purposes only and makes every effort to distribute accurate and reliable information. Any information provided, is considered “as-is” and the subscriber and/or visitor assumes all responsibility for its uses. Salvus Alerting disclaims all warranties with regard to the information being provided, including all implied warranties of merchantability and fitness. In no event shall Salvus Alerting be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other legal action, arising out of or in connection with the use or performance of this information being provided. Salvus Systems and Salvus Alerting is a wholly owned and operated by FactNgN, LLC.