Cacti: Multiple vulnerabilities Multiple vulnerabilities have been found in Cacti, the worst of which could lead to the remote execution of arbitrary code. 2016-07-16 2016-07-16 519900 568400 570984 574412 582996 remote 0.8.8h 0.8.8h

Cacti is a complete frontend to rrdtool.

Multiple vulnerabilities have been discovered in Cacti. Please review the CVE identifiers referenced below for details.

A remote attacker could possibly execute arbitrary code with the privileges of the process, or remote authenticated users could bypass intended access restrictions.

There is no known workaround at this time.

All Cacti users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=net-analyzer/cacti-0.8.8h" CVE-2014-5261 CVE-2014-5262 CVE-2015-8369 CVE-2015-8377 CVE-2015-8604 CVE-2016-2313 CVE-2016-3172 CVE-2016-3659 BlueKnight b-man