Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 5 Jan 2016 13:07:57 +0100
From: Andreas Stieger <>
Subject: Re: Re: CVE Request: cacti: SQL injection
 vulnerability in graphs_new.php


On 01/05/2016 12:12 PM, Salvatore Bonaccorso wrote:
> On Tue, Jan 05, 2016 at 10:20:23AM +0100, Andreas Stieger wrote:
>> On 01/05/2016 12:58 AM, wrote:
>>>> Another SQL injection vulnerability via graphs_new.php in cacti was
>>>> found, reported to the bug
>>> is CVE-2015-8604.
>> Check against a possible duplicate assignment with CVE-2015-8377?
> Theree are two different vulnerabilities here, see second comment in
> which describe both, the
> CVE-2015-8377 and the new assigned one (CVE-2015-8604).

Thanks for the clarification,

Andreas Stieger <>
Project Manager Security
SUSE Linux GmbH, GF: Felix Imend├Ârffer, Jane Smithard, Graham Norton,
HRB 21284 (AG N├╝rnberg)

Download attachment "signature.asc" of type "application/pgp-signature" (802 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ