2
Candidate: CVE-2007-6465
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6465
6
Multiple cross-site scripting (XSS) vulnerabilities in ganglia-web in
7
Ganglia before 3.0.6 allow remote attackers to inject arbitrary web script
8
or HTML via the (1) c and (2) h parameters to (a) web/host_gmetrics.php;
9
the (3) G, (4) me, (5) x, (6) n, (7) v, (8) l, (9) vl, and (10) st
10
parameters to (b) web/graph.php; and the (11) c, (12) G, (13) h, (14) r,
11
(15) m, (16) s, (17) cr, (18) hc, (19) sh, (20) p, (21) t, (22) jr, (23)
12
js, (24) gw, (25) z, and (26) gs parameters to (c) web/get_context.php.
13
NOTE: some of these details are obtained from third party information.
16
jdstrand> Ubuntu versions are all 2.x, so may not be affected
17
fujitsu> Not affected, as there is no web frontend in Ubuntu.
21
upstream_ganglia-monitor-core:
22
dapper_ganglia-monitor-core: not-affected
23
edgy_ganglia-monitor-core: not-affected
24
feisty_ganglia-monitor-core: not-affected
25
gutsy_ganglia-monitor-core: not-affected
26
devel_ganglia-monitor-core: not-affected